English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

The Future of Bitcoin After the Mt. Gox Incident

Stefan Tanase
Kaspersky Lab Expert
Posted February 28, 13:00  GMT
Tags: Website Hacks, Electronic Payments, Vulnerabilities and exploits, Bitcoin
0.2
 

No doubt it's been a crazy week for anyone even remotely interested in Bitcoin. Mt. Gox, once the largest Bitcoin marketplace out there, has shut down, putting a bitter end to an almost month-long situation in which all withdrawals were halted because of technical issues.


Mt. Gox BTC price evolution in February 2014, source: Clark Moody

As customers were unable to move their funds out from Mt. Gox, the world's most famous exchange essentially became isolated from the rest of the Bitcoin ecosystem, making the Bitcoin price traded on Mt. Gox plummet to as low as $100 for 1 BTC before the exchange went completely offline.

In our forecast for 2014, we've stated that attacks on Bitcoin, specifically attacks on Bitcoin pools, exchanges and Bitcoin users will become one of the most high-profile topics of the year. These attacks will be especially popular with the fraudsters as their cost-to-income ratio is very favorable.

While the Mt. Gox incident might be the most significant in Bitcoin history to-date, as it is rumored to be worth 744,408 Bitcoins, or more than $300 million at current BTC prices, the only question that remains unanswered is what actually caused it.

TX Malleability, short for transaction malleability, is a known issue within the Bitcoin protocol. Under specific circumstances it can enable an attacker to issue different signatures (or TX IDs) for the same transaction, essentially making it appear as the transaction didn't happen. This can allow a malicious customer of an exchange to request multiple Bitcoin withdrawals of the same coins by claiming the transactions never went through.

This type of TX Malleability attack was the official reason cited by Mt. Gox when they decided to halt the withdrawals, making it seem as though they have become victims of a cyber-heist, but the possibility of this incident being an inside job can't be ruled out.

The transaction malleability attack doesn't necessarily involve an insider, although someone with direct access to the transaction system can do it much more easily. It is of course possible that the attack was done entirely from the outside, although in such a case Mt. Gox should have the full information on the person responsible for the attack, simply because they'd be re-requesting the funds over and over, citing network errors and the fact that the withdrawal hasn't been received.

The only thing left to do right now is to wait for law enforcement agencies to finish their investigation into the incident and hope that Mt. Gox and other parties involved are co-operating with LEAs to identify the ones responsible and try to recover the damages.

As for what this means for the future of Bitcoin - this week showed us once again, and more than ever, that the Bitcoin ecosystem truly needs companies that understand security. Being a decentralized currency, no authority will impose security standards and regulations, so it-s up to us, Bitcoin enthusiasts and the whole crypto-currency community, to raise the bar: by choosing to only work with Bitcoin companies that have an immaculate track record, a good understanding of the technology involved and especially the security required, but most importantly the willingness to always keep innovating, to always keep going that extra mile to gain customers' trust. Let's make this happen and Bitcoin will be just fine!


2 comments

Oldest first
Threaded view
 

Meitzi

2014 Mar 01, 00:50
0
 

BTC price

I think its very speculative to show Mt. Gox BTC price AFTER the time they halted all transfers. (it did not matter what the value was, because you could not use it)

Did Mt.Gox bankruptcy affect Bitcoin price? Yes it did. But not as dramatically you may think.

http://www.coindesk.com/price/#2013-02-28,2014-02-28,close,bpi|bitstamp|btce|mtgox

Reply    

Nancy Reagan

2014 Mar 24, 14:54
0
 

Nice blog

I think this is one of the most vital information for me. And i am glad studying your article. The site style is wonderful.The article is in reality great.

Visit: http://goo.gl/FcjZJL

Reply    
If you would like to comment on this article you must first
login


Bookmark and Share
Share

Analysis

Blog