Mt. Gox loses database; exchanges close after 500,000 BitCoins are missing or stolen

25000 Bitcoins were transferred from 478 accounts on the largest Bitcoins currency exchange site Mt. Gox. Mt. Gox has to shutdown in an unprecedented action. Approximately 8 milions dollars worth of Bitcoins were stolen in intrusion. 25000 Bitcoins was transferred in one account from 25000 other accounts. After investigation was reported that not used exploit on Mt. Gox. As shows logs all users logged with their correct user names and passwords from first try and transferred money to one account. After market was suspended all Bitcoin value dropped from 30 USD per Bitcoin to 14 USD per Bitcoin. After Mt.Gox all break day transactions were rolled back, BitCoin value rise to 17 dollars. In that day one very rich account was compromised, hacker sold them before and bought back again and wanted to convert those coins to dollars, but 1000 dollars withdrawal limit not allowed to do this. One strange thing how hackers obtained users logins, because in Mt. Gox not allowed to use weak passwords, and in the databases stored only passwords hashes. But is clear that Mt. Gox database was stolen and in http://forum.bitcoin.org/index.php?topic=19343.0;all forum hacker tried to sell it. In one hour of hack 100000 BitCoins were sold in very cheap rates and plunged Mt. Gox Bitcoins worth to 0.01 dollar per Bitcoin and other 400000 Bitcoins reported as missing. Soon all database were published on internet and is available until now. It contains 61020 Mt. Gox users names, emails, and password hashes. According to Mt. Gox support team post on their blog they for password hash use MD5 encryption algorithm with salt. Attack were traced to Hong Kong ip’s. When news about this hack was published many assumed that malicious users were infected victim’s computers and exposed their wallet.dat files. Those files store Bitcoins. Symantec reported that found a Trojan titled Infostealer.Coinbit, which extracts wallet.dat content and sent it by email. Symantec also reported that bootnets participating in Bitcoin mining could be generate 10000 dollars profit per month. Users have ability to encrypt theirs wallets, but if chosen weak password hackers can attempt to bruteforce attack or use rainbow tables.
 Reference

Advertisements
This entry was posted in IT Security, Week 19. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s