Showing posts with label hack. Show all posts
Showing posts with label hack. Show all posts

Monday, August 6, 2018

Mt. Gox - Magic: The Gathering Online eXchange

Here is an interesting read. This is all about an exchange that was hacked. The name is/was Mt. Gox - Magic: The Gathering Online eXchange.

http://fortune.com/longform/bitcoin-mt-gox-hack-karpeles/

Mt. Gox and the Surprising Redemption of Bitcoin’s Biggest Villain
He led the world's largest Bitcoin exchange before a mysterious heist made it go bust. As clues emerge and Bitcoin's price surges, Mark Karpelès is on the hunt for answers.
By Jen Wieczner
April 19, 2018

The moment that would change the history of Mt. Gox came without so much as a beep. Mark Karpelès, the CEO of what until recently had been the world’s biggest Bitcoin exchange, was finally alone, save for his tabby cat, in his palatial penthouse with a panoramic view of Tokyo. It was the evening of March 7, 2014, and Karpelès had barely slept in the week since Mt. Gox had sought bankruptcy protection, announcing that 850,000 of its Bitcoins, worth some $473 million at the time—and representing 7% of all Bitcoins then in existence—had somehow disappeared. With protesters and camera crews swarming in front of Mt. Gox’s office and the price of Bitcoin in free fall, the usually unflappable Frenchman had been confined to a self-imposed house arrest, subsisting on the buttery pastries he liked to bake and reading the hate mail that flooded in from all corners of the Internet—most of it accusing him of stealing the money himself. Today the Mt. Gox hack remains the worst disaster in Bitcoin’s short history.

It wasn’t until his lawyers had gone home for the day that Karpelès could retreat to his computer, and that’s when he noticed the shocking number on his screen. Following his company’s collapse, he’d spent days methodically double-checking Mt. Gox’s old digital wallets, where the secret alphanumeric keys for accessing Bitcoins are stored. One after another—a dozen so far—the wallets had come up empty. But this time, when the blockchain-scanning program finished running after six hours, it had silently served up an unexpected result: He’d found 200,000 Bitcoins, stashed away in an archived file in the cloud—apparently forgotten and untouched for three years.

Mark Karpelès in Tokyo’s Shinjuku district. The former Mt. Gox CEO, who once felt safe leaving his laptop on a park bench, refused to set down his bag for fear of theft.
Mark Karpelès in Tokyo’s Shinjuku district. The former Mt. Gox CEO, who once felt safe leaving his laptop on a park bench, refused to set down his bag for fear of theft. Photographed by Eric Rechsteiner for Fortune
In a series of conversations with Fortune, Karpelès shared for the first time the full details of what he says really happened in the final days of Mt. Gox—including his account of how he stumbled on the 200,000 Bitcoins.

The surprise discovery would turn out to be, to this day, the only hope Mt. Gox customers have of getting their money back. It’s been proved that the other 650,000 missing Bitcoins were stolen—we now know, by various hackers. But Karpelès continues to be one of the most infamous figures in cryptocurrency. And his legal fate is uncertain, even as new evidence has emerged that largely exonerates him.

Ironically, today Karpelès doesn’t view the retrieval of the 200,000 Bitcoins as a lucky break. They’ve become such a subject of contention, in fact, that he wonders whether it might have been better if they’d remained lost. “At the time, I felt finding these was a good thing for everyone,” recalls Karpelès, now 32, his French accent still strong after nearly nine years in Japan. “But now this is also the main reason why we are stuck fighting.”

To many, the belated revelation seemed too good to be true—making the unemotional programmer-turned-mogul look even guiltier. Was he just coughing up his go-bag in an attempt to wiggle out of trouble? Soon, they had even more reason to suspect him: Leaked trading records suggested that what could only be an internal Mt. Gox account—widely known today as the “Willy bot”—was artificially inflating its account balance and using the money to buy Bitcoins. When Mt. Gox ran low on Bitcoins, Willy helped make up the shortfall. Sometimes its trades went the other way, selling borrowed Bitcoins to generate cash. Critics speculate that it was a fraudulent, if failed, exercise to keep Mt. Gox afloat.

That suspicious activity by the Willy bot led to Karpelès’s arrest in August 2015 on charges of manipulating electronic data; he admitted in court last summer to running what he called the “obligation exchange” but disputes doing anything illegal. After spending almost a year in jail, Karpelès is currently on trial in Tokyo, facing criminal allegations such as embezzlement and breach of trust, all unrelated to the missing Bitcoins.

But it was an unforeseen twist that today is causing Karpelès the greatest angst. Between the time Mt. Gox shut down and when it entered liquidation in April 2014, the price of Bitcoin had plummeted more than 20% to $483. It would be over two and a half years before Bitcoin would regain its previous high—long enough that many Mt. Gox victims didn’t even bother filing a claim for what they considered an insignificant sum. Then early last year, Bitcoin finally broke its old record. By late May, it was trading at nearly $2,200, making Mt. Gox’s remaining Bitcoins—202,185 to be exact—worth more than everything it owed in claims. When the Bitcoin price peaked at $20,000 in December, the value of Mt. Gox’s assets (by then including Bitcoin derivatives such as Bitcoin Cash) ballooned to $4.4 billion—nearly 10 times the amount Mt. Gox said it lost in the first place. “The fact that you have a bankruptcy where the only asset that it owns goes up by 5,000%, that’s pretty unprecedented,” says Daniel Kelman, a lawyer and Mt. Gox creditor who spent a year in Tokyo working on the case.

After months studying Japan’s bankruptcy code while in solitary confinement, Karpelès knew there was a wrinkle: Under the law, most of that excess would return to shareholders of Mt. Gox, of which he held 88%. At current prices, the windfall would make him a billionaire. It would also mean an interminable nightmare of lawsuits and threats that Karpelès—who is also in personal bankruptcy—is desperate to avoid. He says he’d happily give the money back if it came to him, but the estimated 60% tax triggered in the process would be catastrophic.

“I never expected to get anything out of this,” Karpelès tells me when we meet in Tokyo in March. “It would bring more trouble than anything.”

We’re on the second floor of a Japanese café, in a stuffy meeting room that Karpelès says is not much bigger than his jail cell. Deprived of a computer behind bars, he passed time by measuring the room using the length of his notebook. (After his release, Karpelès sent friends a chart of the 70 pounds he’d lost while detained.) It’s the first day in Tokyo that finally feels like spring, cherry blossoms in bloom, but he has holed up here in the café because it’s roughly equidistant from the offices of his various lawyers, as well as the bankruptcy trustee, whom he meets with regularly out of a sense of “duty” to his former customers. He’s been so busy, he says, he didn’t have time to shave that morning.

Karpelès took control of Mt. Gox—the name is an acronym for Magic: The Gathering Online eXchange, after the trading card game that inspired the original site—in 2011 from founder Jed McCaleb. Employees don’t remember Karpelès ever seeming fazed about anything: He took meetings from a vibrating massage chair and churned out combs using a 3D printer he’d bought for the office. His hallmark reply to questions: “Should be fine.”

But he’s lately developed a sense of gallows humor uncharacteristic of his Mt. Gox days. Even if he wanted to buy Bitcoin today, he doubts he could find an exchange that would take his money, he laughs, and notes that it’s been a few months since he’s received any death threats—“a new record.” He turns serious, though, when he recounts the sleepless nights in February 2014 when he says he first discovered that all of Mt. Gox’s Bitcoins were missing. “I think this really is the worst experience for anyone to have in life,” he says. Still, he’s not sure he could have done the job better. “If I knew at the time what I know today, I would have done things differently, of course,” he says with a practiced tone. “But based on the information I had at the time, and the situation at the time, I still think that I’ve done the best I could do with what I had.”

The question of what Karpelès knew, and when, though, remains more of a mystery than even who stole the coins. Bitcoin’s public ledger, or blockchain, allows anyone to trace the path of transactions, showing the wallets where Mt. Gox’s Bitcoins went. But the same blockchain analysis, multiple experts have confirmed, has also revealed an unsettling fact: By mid-2013, Mt. Gox had already lost all its Bitcoins—eight months before it admitted so publicly.

The timing of this insolvency, analysis shows, coincided with the Willy bot kicking into high gear—perhaps providing a hint as to Karpelès’s true motivations. “I feel that this is a reaction to this revelation that okay, all the money is gone,” says Michael Gronager, CEO of Chainalysis, which was hired by the Mt. Gox bankruptcy trustee to investigate the Bitcoins’ disappearance. Yet it’s also why he doesn’t believe Karpelès was planning to run away with the 200,000 Bitcoins. “I think that had he found them before he went bankrupt, he would never have gone bankrupt,” says Gronager. Rather, he says, Karpelès would have used the hoard to cover his losses.



When Mt. Gox froze Bitcoin withdrawals in 2014, a customer named Kolin Burges hopped a flight from London to Tokyo. For more than two weeks, until Mt. Gox declared bankruptcy, he kept vigil outside the exchange’s headquarters, holding a sign reading, “MTGOX WHERE IS OUR MONEY?” Other protesters soon joined him, demonstrating the frustration of Mt. Gox customers worldwide.

Kim Nilsson was just as vexed, but standing in the snow wasn’t his style. A modest Swedish software engineer with a goatee and a quiet voice, Nilsson, who also owned Bitcoins at Mt. Gox, had never before worked on blockchain technology. But he had a reputation for getting to the bottom of the toughest software bugs; in his off-time, he’d been known to beat all the levels of Super Mario Bros. 2 in an afternoon sitting. And that’s how he approached Mt. Gox: “It was basically just the world’s biggest puzzle at the time—like whoever solves this, imagine the recognition.”

Kim Nilsson, the software engineer who cracked the Mt. Gox case, standing on the street near Shinjuku Station in Tokyo.
Kim Nilsson, the software engineer who cracked the Mt. Gox case, standing on the street near Shinjuku Station in Tokyo. Photographed by Eric Rechsteiner for Fortune
He teamed up with some other Mt. Gox customers to launch WizSec, a blockchain security firm dedicated to cracking the case. But while the company quickly dissolved, Nilsson stayed on the case in secret, teaching himself blockchain analysis and painstakingly tracing the money stolen from Mt. Gox. Although Nilsson started off investigating Karpelès’s role in the theft, he soon realized the CEO was just as eager as he was to know what happened. At a time when Karpelès needed friends most, the WizSec team scored an invite to his apartment by offering to bring the Frenchman the ingredients he needed to bake his famous apple quiche. Soon, Karpelès was feeding Nilsson internal Mt. Gox data that could help solve the case. “I wish I had stolen the money, because then I could just give it back,” Karpelès told them at the time.

Over the next four years, Nilsson estimates he spent a year-and-a-half’s worth of full-time hours pursuing the Mt. Gox hackers. He’s never been paid for his work; his 12.7 Bitcoin claim at Mt. Gox makes him one of its smallest creditors. To J. Maurice, who helped found WizSec but left the company early on and was not involved in the investigation, Nilsson’s effort epitomizes the virtues of Bitcoin—a decentralized system free of government control, which relies instead on individual users to sustain it. “Kim is humble, he doesn’t brag, he doesn’t even want to get rich. He’s just working hard on something for years as his passion project,” Maurice says. “That’s what Bitcoin is.”

By early 2016, Nilsson had a suspect. As he tracked the stolen funds, he saw that, of the 650,000 Bitcoins reported stolen from Mt. Gox, 630,000 had gone straight into wallets controlled by the same person. That person also had an account at Mt. Gox, associated with the username WME. Then Nilsson stumbled across an old post in an online Bitcoin forum in which someone with the handle WME had thrown a tantrum, complaining that another cryptocurrency exchange had frozen his funds. “Give [me] my CLEAN MONEY!” read the post. In the process, WME dropped clues that he owned some of the Bitcoin wallets in question. But the big break came when the same user posted a letter from his lawyer, his first and last name visible for the whole world to see. Nilsson, as he routinely did with his findings, dashed off an email to Gary Alford, a special agent with the IRS in New York who has helped catch cybercriminals.

Then one scorching day last July, police stormed a beach in Greece to arrest a Russian citizen vacationing with his family. U.S. federal prosecutors charged Alexander Vinnik, a 38-year-old IT specialist, with laundering 530,000 of the stolen Mt. Gox Bitcoins through his WME wallets and other accounts. They also accused him of helping to run the exchange BTC-e, whose primary purpose was allegedly to launder money. It is plausible, investigators say, that BTC-e was founded specifically to launder funds stolen from Mt. Gox. Blockchain analysis shows that the hack that devastated Mt. Gox began in autumn 2011, around the time BTC-e started up. Keys to Mt. Gox’s “hot wallet”—its online Bitcoin repository—were stolen and copied, compromising the exchange’s deposit addresses. So for the next two years, in nine out of 10 instances, coins were being stolen as soon as they came in, says Chainalysis’ Gronager, who is also a creditor: “It meant that you had a hole in the bottom of the well, and someone was just draining money.”

Karpelès claims he never noticed because the hackers stole small amounts at a time, and the balances generally seemed to move upward. “Bitcoin didn’t exactly decrease,” he says. “It’s just that they didn’t increase as much as they should.”

Nilsson, who believes he has convincingly linked Vinnik to at least 100,000 more Mt. Gox Bitcoins than the feds allege, still doesn’t know whether he helped the government’s investigation or simply confirmed its conclusions. With Vinnik fighting extradition from Greece and five outstanding defendants whose names remain redacted in the U.S. indictment, the IRS won’t comment on the “active and ongoing” investigation. But Kathryn Haun, a former federal prosecutor who signed off on the indictment, says Vinnik’s use of Bitcoin helps clearly connect him to the crime: “At first blush what seemed unsolvable turned out to be traceable through the use of digital currency.”

For Karpelès, Vinnik’s arrest reinforced a long-held theory: that Russian Bitcoin exchange administrators were behind a series of ­denial-of-service and other cyberattacks that hit Mt. Gox in 2011. Says Karpelès, “What he did, Mt. Gox is a victim of this, which means that all creditors are victims of this, and I am too a victim of this.”

Vinnik, who has denied the charges, has not been charged with stealing from Mt. Gox. But the magnitude and duration of his involvement points to some familiarity with the thieves whose profits he was allegedly laundering: “I assume at least he knows where to send the check,” says Nilsson.

Still, there’s an ironic punch line to the case: Because the stolen Bitcoins were sold right away, allegedly by Vinnik and long before Mt. Gox disclosed the hack, victims lost much more, in dollar value, than the hackers ever made—which, according to Chainalysis, was only about $20 million.

And as soon as the Bitcoins were converted to cash, the blockchain trail was broken. That means that even if authorities seize Bitcoins from the suspects, there won’t be anything to prove they’re from Mt. Gox. Sean Hays, a creditor in Arizona who says his 338 Bitcoin claim would be “life-changing,” adds, “I’ll be glad to have part of it back, but I think there will always be the hunt for where’s the rest?”

But for Burges, the key question that inspired his protest has finally been answered. “We know where the coins went, and we won’t get them back,” he says. “As far as I’m concerned, it’s solved.”

For almost four years, Josh Jones assumed he’d eventually receive his rightful portion of his nearly 44,000 Bitcoins locked inside Mt. Gox. By mid-2017, Bitcoin’s price was soaring, and Mt. Gox had enough to pay out the $430 million it owed in claims several times over. Then last September, Mt. Gox trustee Nobuaki Kobayashi, a top restructuring lawyer also representing Takata in the airbag-maker’s bankruptcy, broke the news: Under Japanese bankruptcy law, the value of creditors’ claims were capped at what they were worth back in 2014: $483 per Bitcoin. “That’s just crazy,” says Jones, who held most of the coins on behalf of his clients at Bitcoin Builder, the service he built to facilitate arbitrage trading at Mt. Gox in its final weeks. “That can’t be how it’s going to work out.”

But while there was little Jones could do back home in Santa Monica, another major creditor took it upon himself to ensure the Bitcoins would be fully divvied up among Mt. Gox victims. Richard Folsom, an American who worked for Bain & Co. in Tokyo before founding one of the first private equity shops in Japan, hired the biggest Japanese law firm and came up with a plan: What if Mt. Gox wasn’t technically bankrupt anymore? Their petition for “civil rehabilitation” of Mt. Gox, filed in November, is now pending before the Tokyo District Court; an outside examiner recommended in its favor in February. Shin Fukuoka, the partner at Nishimura & Asahi leading the effort, is confident it will be approved, as early as the end of April. “We think that the court has sufficient understanding about the problems in the case of proceeding with bankruptcy,” Fukuoka says.

Those problems, of course, include the fact that the majority of Mt. Gox’s assets would otherwise accrue to Mark Karpelès. “Such an outcome would be a travesty,” says Jesse Powell, CEO of Kraken, the San Francisco–based Bitcoin exchange appointed to help investigate and distribute Mt. Gox claims (and himself a substantial creditor).

If Fukuoka’s plan works, it would be the first time in Japan that a business “abolished” in bankruptcy was rehabilitated, he says: “These are very unique circumstances.” In a traditional civil rehabilitation, once the court gives the green light, it typically takes six months for the plan to be finalized—meaning optimistically, creditors could begin to get paid, preferably in Bitcoins, as soon as late this year. Fukuoka says he’s also considering mandating further investigation into the stolen Bitcoins as part of the rehab plan, in hopes more will be recovered. (A $75 million lawsuit from CoinLab that has held up the bankruptcy process could be sidestepped by setting aside a legal reserve fund in the meantime, he adds.) It would be an extraordinary outcome for creditors like Thomas Braziel, managing partner of New York–based hedge fund B.E. Capital Management, who has bought up $1 million worth of claims at 80¢ on the dollar, believing he will turn a profit no matter what. “Of course, if the rehabilitation happens, it’s a bonanza, and you make eight, nine, 10 times your money,” Braziel says.

That would be a relief to Mt. Gox’s disgraced CEO, who says he’s had enough of the cryptocurrency business to last a lifetime: “The only thing I’m touching related to cryptocurrency is how to solve this bankruptcy. Nothing more,” says Karpelès. Besides, he has lost faith in the initial promise of digital money: “Bitcoin right now is, I believe, doomed.”

Since his release from jail two summers ago, Karpelès has been moving apartments every few months out of concerns for his own safety. During three months of all-day interrogations while detained, he refused to confess to the accusations Japanese authorities threw at him—including, at one point, that he was Satoshi Nakamoto, Bitcoin’s mysterious founder. Still, despite what he feels is a weak case against him, he thinks the odds are he’ll be found guilty, at least during this first trial; Japan, which has a more than 99% conviction rate, is also one of a few countries that allows prosecutors to appeal an acquittal twice. In a year or two, he could be sent back behind bars. “After I came out, I felt like in a kind of dream, like I didn’t feel things were real,” he says, over a slice of cake with cream and cherries. “Even today I’m not sure yet.”

Karpelès, though, is not on trial for what even his sympathizers fault him for the most: lying about Mt. Gox’s insolvency. “When Mt. Gox didn’t have any of the coins, he was getting new deposits from other customers to pay off other people—kind of like a Bernie Madoff,” says Kelman, the lawyer.

For now, Karpelès, who’s never been to the United States (and isn’t allowed to leave Japan while on trial), is leveraging his mastery of Japanese and the country’s formal business customs. The arrest of Vinnik has made it easier to find work, he says, by lifting some blame from Karpelès. Even so, the taint of Mt. Gox follows him. “He is unhirable,” says Mike Kayamori, the CEO of Japanese cryptocurrency exchange Quoine.

Yet earlier this year, Mark Karpelès landed a big new job: chief technology officer at London Trust Media, a Denver-based corporation that runs the largest virtual private network (VPN) service in the world. It has recently been expanding into cryptocurrency-related ventures. “I am more than willing to give a second chance to Mark in this fight’s critical hour,” says Andrew Lee, cofounder and chairman of London Trust Media, who also briefly ran Mt. Gox’s U.S. operations.

Even if Mt. Gox’s rehabilitation succeeds, the company is unlikely to take another voyage. Still, that hasn’t stopped Karpelès from dreaming up schemes to get back the missing 650,000 Bitcoins. Even if the original coins can’t be retrieved, perhaps Mt. Gox could be revived long enough to generate revenue to finally make creditors whole; Karpelès also says he’s found one exchange that seems interested in pledging some of its own profits to victims.

But others, such as Kraken’s Powell, say the hole is simply too deep to fill. Besides, even if Mt. Gox did reopen, who would want to trade there? Adds Burges, the Mt. Gox protester, “It’s like having another ship called the Titanic.” For him, closure means letting the rest of the Bitcoins go down with the ship. 

USA Elections 2024 and Bonfire Night in the UK: A Night of Democracy, History, and Anticipation For Bitcoin

November 5, 2024, is shaping up to be a night of high energy and deep significance on both sides of the Atlantic. In the United States, mill...