Cyberattacks on Mt. Gox began soon after failed bitcoin firm’s launch: police

Kyodo, JIJI

Failed bitcoin exchange operator Mt. Gox received several cyberattacks between 2011 and 2013 aimed at withdrawing the virtual currency, investigative sources said Thursday.

Mt. Gox CEO Mark Karpeles established the bitcoin exchange operator, based in Shibuya, Tokyo, in August 2011. The latest information indicates the series of cyberattacks began soon after the exchange opened.

The information surfaced as the Metropolitan Police Department has launched a full investigation into alleged illegal withdrawals of bitcoin after Mt. Gox went belly up in late February due to the online thefts.

Former Mt. Gox employees also told Kyodo News the company was attacked by hackers at least five times between 2011 and 2013, confirming the MPD information.

The MPD’s cybercrime unit analyzed the materials and found that 27,000 bitcoins, worth some ¥1.6 billion at the present value, had been illegally withdrawn.

According to the sources, some 7,000 bitcoins were withdrawn fraudulently by someone who utilized a software bug in Mt. Gox’s system for managing bitcoin transaction records. The remaining 20,000 bitcoins were sent elsewhere from a user account opened at Mt. Gox without authorization, the sources said.

The 27,000 bitcoins were stolen between 2011 and 2013.

After filing for bankruptcy protection with the Tokyo District Court in February, Mt. Gox submitted relevant materials and data, including computer logs, to the MPD the following month, saying most of the bitcoins held by the company and users of the exchange had disappeared due to unauthorized accesses to its computer system.

On July 23, Mt. Gox organized a meeting in Tokyo with bitcoin users whose money has been lost. During the meeting, which was closed to the media, Karpeles showed up in public for the first time in months and offered an apology to about 100 users and explained the prospect of financial compensation, according to participants.