Mt Gox – Bitcoin’s Biggest Heist
At the beginning of 2014, a bitcoin exchange based in Japan known as Mt. Gox was the largest bitcoin exchange in the world. At least it was the largest, until less than three months later, when it went bankrupt.
The hack on Mt. Gox was and still is the biggest heist in Bitcoin’s history. Mt. Gox lost 740,000 bitcoins, valued at the equivalent of around £500 million at the time and over £1 billion at November 2017 prices. The number of bitcoins that Mt. Gox lost was equivalent to 6% of all the bitcoins in existence at the time.
Prior to the 2014 heist, in June 2011, Mt. Gox was hacked as a result of a compromised computer belonging to the auditor of the company. If nothing else, bitcoin heists are usually very imaginative – on this occasion the hacker used the access to artificially alter the nominal value of bitcoin to one cent before transferring around 2,000 bitcoins from customer accounts on Mt. Gox, which were then sold. As a result of the hack, Mt. Gox upped their security measures, this included arranging for a large percentage of its bitcoin to be taken offline and held in cold storage.
Despite the June 2011 hack, by June 2013, Mt. Gox had certainly established itself as the largest bitcoin exchange in the world. It was also at this point in time where the price of bitcoin had increased dramatically (from less than $10 to $1,200). However, behind the scenes all was not well.
The company was a disorganized mess of an organization with poor security procedures and serious issues relating to the operation of the business. In May 2013, Mt. Gox was sued for $75 million by their former business partner – Coinlab – due to breach of contract. At around the same time, the US Department of Homeland Security seized more than $5 million from the companies bank accounts after it was found that a subsidiary of Mt. Gox operating in the US was not licensed. As a result, Mt. Gox had to announce a temporary suspension of withdrawals in US dollars. This resulted in the company losing its place as the largest bitcoin exchange in the world – they dropped to third. It was only after this that the company realised they had been the victim of an ongoing hack for over two years.
On 7th February, the bitcoin exchange stopped all bitcoin withdrawals stating that they were merely pausing withdrawal requests. However, later that month, a leaked corporate document claimed that hackers had raided the companies exchange and had stolen 744,408 bitcoins belonging to customers of Mt. Gox and 100,000 bitcoins belonging to the company. On 28th February Mt. Gox had become insolvent and filed for bankruptcy protection in Japan, two weeks later they did the same in the USA.
Although the investigation is still ongoing, it is presumed that most of the stolen bitcoins were taken from the company’s online wallets, including all of the bitcoins being held in cold storage due to a ‘leak’ in the online wallet. The investigation has however proven that the hack of Mt. Gox began as early as September 2011 and that the company had practically lost all of its bitcoins by the middle of 2013.
Where did the money go?
Incredibly, 650,000 of the bitcoins stolen still remain unaccounted for. Although some online theories have developed as to where they could have gone. One such theory is that Mt. Gox never had the amount of coins that it claimed, and that Mark Karpeles – the CEO of the company – had manipulated the numbers to make it appear that the company held more bitcoin then they actually had in reality. Another states that the storage may have been compromised by an individual with on-site access and some think that a lack of accountability among staff members meant that there was no awareness that the wallets were being drained by hackers.
In July 2017, however, a Russian man named Alexander Vinnik was arrested by US authorities whilst holidaying in Greece. He has been charged with playing a key role in the laundering of bitcoins stolen from Mt. Gox. Vinnick is alleged to be associated with BTC-e, an established bitcoin exchange and has also been alleged to have laundered $4 billion in bitcoin. BTC-e has since been shut down and the domain has been seized by the FBI. Investigations by a group of bitcoin security specialists – Wizsec – had identified Vinnik as the owner of the wallets into which the stolen bitcoins were transferred. According to Wizsec, many of those same bitcoins were then sold on BTC-e.
Following the failure of Mt. Gox, US authorities have continued to shut down major deep web black marketplaces which were used to launder stolen cryptocurrencies and turn them into fiat currencies. However, there are other ways in which to turn bitcoins into fiat currencies. Online gambling is one way. Bitcoin casinos are becoming more and more popular and can be used for money laundering, although this is risky, the more money you launder the higher the risk. However, people who want to play with their legitimately gained bitcoin can gamble too completely legally- online comparison site CasinoGuide even lists several online casinos in the UK which offer this in a fully regulated environment.
Japan have also introduced new laws to regulate bitcoins and other cryptocurrencies in order to make hacks and heists less likely as well as to put a halt money laundering.
The investigation into the Mt. Gox bitcoin heist is still ongoing.
The Nicehash Hack – $60 million of Zombie Cash
The Nicehash hack happened in December 2017 and is one of the largest in terms of the value of bitcoin that was stolen which totaled around $60 million.
Nicehash is a Slovenian company that allows users to sell hashing power – the power that your computer or hardware uses to run and solve different algorithms. These algorithms are used for verifying transactions involving cryptocurrencies. The process is also known as mining.
Nicehash was hacked on December 6th 2017. “Our payment system was compromised and the contents of the Nicehash bitcoin wallet have been stolen,” the company announced in a Reddit post. Following the hack, CEO Marko Kobal decided to resign.
The hack itself was “a highly professional attack with sophisticated social engineering” said NiceHash head of marketing Andrej P Škraba. VPN logs suggest that the hackers accessed NiceHash’s system through a VPN login using one of its engineer’s credentials. They then learnt and simulated the workings of NiceHash’s payment system before they begun making transactions.
After the hack, users on Reddit pointed out a specific external wallet which had more than $60 million on it. Nicehash have confirmed that the wallet in question is indeed the wallet that contains the stolen bitcoin. As the stolen coins are visible to all, the hackers are at a large risk of being caught if they decide to move the bitcoin. Furthermore, due to co-operation with other major exchanges there is also the possibility that the coins will be confiscated if they are moved to an exchange.
The hackers will want to attempt to launder the stolen bitcoin so that they can convert them into fiat currency. They can do this in a variety of ways. In 2013, almost 90% of illicit bitcoins were put through Silk Road – the now FBI-seized website. Following this, criminals looking to launder bitcoin would send them through AlphaBay – however in 2017 that AlphaBay was also seized by the FBI. Bitcoin launderers have also been known to convert their bitcoins through gambling websites. Although Bitcoin gambling through casino websites is almost always done in a completely legitimate way, it is possible for hackers to launder stolen bitcoins this way, although it is very risky at the same time as casino sites do their upmost to deter criminals from gambling with them.
The investigation surrounding the Nicehash hack is also ongoing as the police look to uncover evidence in order to discover who the sophisticated hackers are. Following the hack, the website was back online only 2 weeks after the initial heist. Nicehash also vowed to return all of the stolen bitcoin back to their customers – the platform has so far returned 60% of the coins stolen.
Please follow and like us: