- The devastating hack on MtGox which saw 647,000 bitcoins stolen over two-and-a-half years started 12 years ago today
- Russian hackers stole the hot wallet and the private keys to 100,000 addresses associated with it, allowing them to siphon off coins deposited into those addresses
- A forthcoming book by FullyCrypto writer Mark Hunter details the full story of the hack and its fallout
The devastating hack on MtGox, in which 647,000 bitcoins were stolen undetected over two and a half years, started 12 years ago when Russian hackers compromised the hot wallet. This allowed the hackers to bleed the exchange dry between August 2011 and January 2014, but few people know the full extent of the hack and just how bad it was. The recent indictment of two Russians for the hack, plus the imminent trial of the man who allegedly laundered 500,000 of the stolen coins, has helped inform a forthcoming book on the subject by FullyCrypto writer Mark Hunter, which offers details of the infamous hack that few people are aware of.
12 years ago today, Russian hackers, including Alexander Verner and Alexey Bilyuchenko (allegedly), hacked into the #mtgox servers and stole the hot wallet.
This was the second such occurrence, with the first coming in March 2011 when 79,956 BTC were stolen (the #1Feex hack)👇
— Mark Hunter (@Twentynothing00) September 11, 2023
Hot Wallet and 100,000 Addresses Stolen
In a tweet thread today, Mark explained how, on 11 September 2011 at 9:30pm UTC, Russian hackers infiltrated the MtGox servers and stole a copy of the hot wallet. This was just two weeks before Bitcoin wallet encryption was released, so the stolen wallet file was unencrypted and the hackers could spin up their own copy of the hot wallet and steal the coins inside it. They didn’t do this all at once, however, waiting instead until the following month to start moving coins out, which they did steadily so as to avoid suspicion.
As well as obtaining a copy of the wallet, the hackers also obtained the private keys to a staggering 100,000 addresses associated with the hot wallet, meaning that any coins deposited to that wallet through any of those addresses were siphoned off by the hackers. These addresses weren’t just used by MtGox customers; they were also used by whoever or whatever was responsible for topping up the hot wallet from MtGox’s cold wallets. This meant that MtGox was literally pouring the contents of its cold wallets into the attackers’ pockets, supposedly without CEO Mark Karpelès noticing until it was too late.
MtGox Was a Ponzi Scheme for Six Months
The theft of the coins drained MtGox’s reserves to the point where it was wiped clean in August 2013; at that time, any records that Karpelès was keeping would have reflected reserves of over a million bitcoins. In fact, the exchange had just 200,000, but these were locked away in a legacy wallet and all but forgotten about until Karpelès discovered them while scanning the exchange’s wallets in March 2014.
Two of the alleged hackers, Alexey Bilyuchenko and Aleksandr Verner, were indicted in June over their part in infiltrating MtGox, while the man who laundered 500,000 of the 647,000 stolen coins, Alexander Vinnik, is set for trial next year in the US.
The story of this incredible hack, worth a staggering $16 billion today, is told in full in Mark’s forthcoming book, Ultimate Catastrophe – How MtGox Lost Half a Billion Dollars and Nearly Killed Bitcoin, which will be out later this year.