Bitcoin Hacking | History snapshot - Mt. Gox

2014 saw the first big crash in the blockchain and Bitcoin space, drawing the attention even of people who didn’t own Bitcoin and had no interest in it. Mt. Gox, the largest Bitcoin exchange, closed without being able to refund its clients’ deposits. At first, the problem that Mt. Gox clients faced during withdrawals appeared to be technical. However, it was not a temporary glitch but an outright collapse. Not even a partial reimbursement of clients’ money was possible.


During the last days of the exchange with its ‘technical problems,’ Mt. Gox was isolated from the blockchain. As a result, the internal exchange rate dropped to $100, and all trading was halted. A few days later, the “brass hats” announced that Mt. Gox was closed.


The collapse of Mt. Gox clearly showed that this would not be an isolated incident and that hacking would undoubtedly continue in the cryptocurrency space, especially in Bitcoin pools. The reason is simple – the risk versus reward ratio is like “red to a bull” in the eyes of hackers and fraudsters. Even though, at the moment, Bitcoin’s price has dropped from the astronomical height of $20,000 per coin, it is still a better bet to try to steal Bitcoins than to deal with the advanced security systems of conventional banks. 400K BTC was stolen from Mt. Gox, the equivalent of $8 billion at Bitcoin’s highest price. Even at the time of the attack, that sum was a staggering $300-400 million.

In 2014, Bitcoin and the blockchain were relatively new technologies – much learning still lay ahead, and hackers were making their own discoveries. Moreover, there was not much in terms of a legal framework or recourse. This is partly what makes the cryptocurrency space so attractive to hackers and thieves, as opposed to the highly regulated, controlled, and protected banking technologies that decrease attack risks every year. Moreover, for the most part, law enforcement is prepared to protect a bank under attack. Nothing of the sort could be said about the cryptocurrency space, even in 2018.

But the question remains – what happened at Mt. Gox?

Experts say that the Bitcoin protocol has a very important feature – transaction malleability, which is a kind of “transaction flexibility” algorithm. “TX Malleability,” as it is known, is code that prevents two equal transactions from being executed. For instance, if two or more similar transactions are made with the same payment instructions but different transaction identifiers (hash codes), TX Malleability keeps the last one and cancels all the others, treating them as erroneous transactions.


Even today, there is a great deal of debate as to whether this is a flaw or a useful feature. Nevertheless, TX Malleability might be the reason for the collapse of Mt. Gox.

To provide some technical detail, which might interest some of our readers, a transaction identifier – called a “transaction hash” – is as unique as a fingerprint. Unlike a fingerprint, however, the transaction ID changes if the transaction that it represents changes in any way. Much like bank checks require handwritten signatures, Bitcoin transactions have digital signatures. Like handwritten signatures, digital signatures can vary slightly and still be valid. Since the transaction identifier takes into account everything in the transaction, the identifier changes if the digital signature changes. These subtle changes take place before a transaction is added to a block. After the transaction and the signature have been added to the blockchain, they become immutable.

This mutability can be problematic because someone can change the transaction identifier by slightly modifying the signature. This is the equivalent of replacing a handwritten signature on a check. The amount on the check would not change, but changing the signature would cause the check identifier to change.

Transaction identifiers are particularly important because, as a global ledger, Bitcoin is organized around them. New transactions refer to past transaction identifiers to prove that the signature is correct.

This means that, under certain conditions (e.g., Mt. Gox software nuances), TX Malleability allowed hackers to generate the same transaction twice with different IDs. In that scenario, the exchange’s software would assume that the first transaction was not completed and send the funds twice. As a result, the hacker would receive the money twice.

This was the explanation given to the victims of the Mt. Gox collapse regarding the ‘temporary’ withdrawal problems.

Was Mt. Gox an inside job?

Perhaps... after all, a prison term was handed down to Mark Karpeles, CEO and major shareholder of Mt. Gox, following a lengthy investigation. In this Wired.com article, you can read more about Karpeles’ personality and life at the time of the crisis, as well as about certain events that took place in his office around that time.

New facts are still surfacing even four years later; the Mt. Gox fiasco has become a detective thriller that is far from over. Here is an excellent article from Fortune magazine on the subject.

While our article is focused on the technical issues surrounding the crash, here we present the chronology:

[Chronology image; source: Fortune.com]

Let’s return to the possibility of an “inside job,” for a moment. Certainly the attack could have been carried out from the outside, but it would have been much easier if someone had direct access to the exchange’s internal software.

Also, very soon after Mt. Gox’s default, Mark Karpeles’ blog was hacked. This added to the scandal and made many people doubt that the attack was external. Anonymous hackers published information implicating Karpeles, along with a large portion of Mt. Gox’s database and operational statements. The hackers pointed out that they had found approximately 1 million BTC in Mt. Gox’s accounts – the same amount that was stolen according to Mt. Gox’s statement.

For unknown reasons, the above information was deleted soon after publication. Karpeles has not commented on the matter.

What can we take away from Mt. Gox?

Decentralization and lack of regulation may sound good to some people but, to most, this means that conventional security standards cannot be enforced in the blockchain and Bitcoin space. After the collapse of Mt. Gox, however, it has become more difficult even for supporters of decentralization and lack of regulation to deny that cryptocurrency requires a special approach to security.

At present, Bitcoin enthusiasts and the cryptocurrency community deal mostly with companies with good reputations and high technical expertise. The desire to increase security and maintain client loyalty ensures that Bitcoin and cryptocurrency have a future.
