500k Bitcoins traded in 1h, Mt.Gox market hacked + crash

by eis on 6/19/2011, 6:36 PM with 245 comments
  • by buro9 on 6/19/2011, 7:10 PM

    From the mt.gox site:

      Huge Bitcoin sell off due to a compromised account - rollback
  
  The bitcoin will be back to around 17.5$/BTC after we rollback all trades that have happened after the huge Bitcoin sale that happened on June 20th near 3:00am (JST).
  
  Service should be back by June 20th 10:00am (JST, 01:00am GMT) with all the trades reversed and accounts available.
  
  One account with a lot of coins was compromised and whoever stole it (using a HK based IP to login) first sold all the coins in there, to buy those again just after, and then tried to withdraw the coins. The $1000/day withdraw limit was active for this account and the hacker could only get out with $1000 worth of coins.
  
  Apart from this no account was compromised, and nothing was lost. Due to the large impact this had on the Bitcoin market, we will rollback every trade which happened since the big sale, and ensure this account is secure before opening access again.
    I'm interested in the fact that they can do a rollback... is that just a rollback of their transaction log? Are they buffering transactions for a significant period before submitting them back to the network?

  • by tlrobinson on 6/19/2011, 7:36 PM
  • by eis on 6/19/2011, 6:51 PM

    A little bit explanation:

    Mt.Gox is the biggest bitcoin market place by far. During the last 1h the whole volume of about 500k BTC was traded making the price drop from somewhere around $17 to virtually nothing.

    Details are not available yet. It could have been a bug or an intrudor.

    Rumors have it that someone with a huge wallet got hacked.

    <+MagicalTux> someone with lots of coins did get hacked

    MagicalTux is working on Mt.Gox

    Also some other markets like btcex or tradehill are seeing problems and/or price drops.

    Update: Mt.Gox have published an announcement:

    https://support.mtgox.com/entries/20208066-huge-bitcoin-sell...

  • by trotsky on 6/19/2011, 8:19 PM

    This was apparently on HN 14 hours ago:

    Mtgox hacked database listed for sale (pastebin.com)

    http://news.ycombinator.com/item?id=2670302

    pointed to: http://pastebin.com/ui0nusuZ

    which says:

      I have hacked into mtgox database. Got a huge number of logins password combos.
  Mtgox has fixed the problem now. Too late, cause I've already got the data.

  Will sell the database for the right price.
  Send your offers to:
  gfc06@hotmail.com

  • by skrebbel on 6/19/2011, 6:53 PM

    i must admit i'm somewhat impressed how fast the hackers and cheaters managed to take over bitcoin trading.

    i think it's kind of cute. people hoped for an economy no government could control, and got exactly that: anarchy and a burning world.

  • by phamilton on 6/19/2011, 8:11 PM

    I'm a little annoyed that MtGox effectively is bitcoin. I've been spending my mined coins on goods from various merchants and it has been working great. That's what bitcoin is designed to be, a currency. Recently there's so much speculation and people buying, holding and selling that so much focus has shifted away from the real use.

  • by nazgulnarsil on 6/20/2011, 7:11 AM

    This is an "I told you so" post, but not about bitcoin, about the current exchanges.

    I haven't cashed out any bitcoins because the current exchanges are a fucking joke and I've said as much many times in the IRC channel and forums. Bitcoins will remain a novelty for people with lots of disposable income until it has a real money changing service linking it to other exchanges. I can not conceive of the level of folly it would take for me to put anything more than pocket money on one of the current exchanges.

  • by eis on 6/19/2011, 7:21 PM

    Newest update:

    Apparently someone got the whole user account database of Mt.Gox

    I wont publish the link to it though for obvious reasons.

    Quick analysis: the database is legit, it contains user id, username, email if set, and a bcrypt hash. The hashes seem salted with a global salt.

  • by nkohari on 6/19/2011, 7:36 PM

    The entire account database was also leaked:

    http://forum.bitcoin.org/index.php?topic=19543.0

  • by lubos on 6/19/2011, 6:58 PM

    If this was legitimate "dump" (by someone who obviously didn't care about the money), it was certainly the fastest crash of any known market ever.

  • by crayz on 6/19/2011, 6:47 PM

    That's about 7% of the total number of bitcoins in circulation. Anyone have details on how this happened?

    http://blockexplorer.com/q/totalbc

  • by Tichy on 6/19/2011, 7:04 PM

    Does anybody have a link to instructions for reading that kind of chart (or the name of the chart type)? I used to know, but it has been many years.

    I suppose green bars means the price went up and red down, and the bar extends between the high and low price. But what does the chunk in the middle mean? And where can I see that 500k were traded?

  • by Tichy on 6/19/2011, 8:31 PM

    I like the looks of this chart of the crash, haven't seen that kind before: http://leanback.eu/bitcoin/plots/20110619195756-mtgox.png (found via @zedshaw on Twitter)

  • by gburt on 6/19/2011, 7:05 PM

    Lower limit of $0 a bitcoin showing there, did someone really dump bitcoins at $0.01?

  • by citricsquid on 6/19/2011, 6:46 PM

    So for someone who doesn't understand economics that much, what does this mean? Have bitcoins finally failed?

  • by omarchowdhury on 6/19/2011, 8:53 PM

    <CorvusCorax> poor bot had a division by zero when trying to calculate the mt gox exchange rate

  • by base on 6/20/2011, 4:24 AM

    Out of curiosity, how does the Mt.Gox hold the bitcoins. Do they have a bitcoin account for every user or do they hold all the bitcoins in their account and trades are only changes in their database?

  • by on 6/20/2011, 3:00 AM

    undefined

  • by pnathan on 6/19/2011, 8:52 PM

    I'm on record here as saying a few weeks ago that a BTC bank needs to be established.

    I reiterate my position. A BTC bank needs to be established, with appropriate data protection features.

  • by on 6/19/2011, 7:08 PM

    undefined

  • by spenvo on 6/19/2011, 7:27 PM

    The flash sale broke the price resistance chart: http://mtgoxlive.com/orders

  • by ebaysucks on 6/19/2011, 6:59 PM

    If the 500K Bitcoins sold are the total of the Bitcoins in all MtGox wallets, than Bitcoin is over.

    Sample of one: I have for about 100 USD in Bitcoins at MtGox, if they got stolen today, I will leave the project.

  • by Tichy on 6/19/2011, 7:07 PM

    Interesting that on bitmarket.eu there are a lot of buy offers for 0.01€ suddenly. I wonder if those are already bots trying to automatically react to the mtgox price.

  • by KarlFreeman on 6/20/2011, 9:49 AM

    If you want to check if you've been Mt.Goxed I whipped up a little something for that

    http://mtgoxed.herokuapp.com/

  • by mrkva on 6/19/2011, 8:39 PM

    If you feel like complaining, check Complainr: http://complainr.syx.sk/

    Some people already started :)

  • by on 6/19/2011, 6:57 PM

    undefined

  • by Osiris on 6/19/2011, 6:49 PM

    mtgox.com is offline. Did they shut trading down?

  • by funkah on 6/19/2011, 8:13 PM

    I wanted to see if I could buy some on the cheap, but I wasn't already set up to do so. I would never take this currency seriously, but I'd be willing to put in a bit of money to speculate a bit.

    I looked at bitmarket.eu but they have a manual verification process, which I'm sure would not complete until after the price recovers. Oh well.

  • by mikemoka on 6/19/2011, 6:57 PM

    maybe they did it for the lulz again?

    http://twitter.com/#!/LulzSec/status/79678588407906304

  • by anonymous on 6/20/2011, 1:02 AM

    haha

  • by aquarin on 6/19/2011, 7:43 PM

    We shouldn't be surprised by this. This monetary have no authority behind it.