Feeds

Bitcoin collapses on malicious trade

Mt Gox scrambling to raise the Titanic

Using blade systems to cut costs and sharpen efficiencies

The fragility of the Bitcoin peer-to-peer crypto-currency has been thrown into sharp relief when a large sell transaction sent the trade value of Bitcoins to zero.

According to the Mt Gox exchange, the sell order came from a compromised account. Mt Gox has taken its exchange offline (however, a screen grab of Bitcoins’ collapse is here) and is attempting to recover.

Its approach is to roll back all transactions to their state before the sell order was placed.

“The bitcoin will be back to around 17.5$ / BC after we rollback all trades that have happened after the huge Bitcoin sale that happened on June 20th near 3:00am (JST)”, (sic) says the Mt Gox posting.

As the comments beneath that posting reveal, not all users are pleased about the rollback attempt – for example, those who spotted the collapse happening and decided to load up with cheap Bitcoins.

El Reg Comment: This attack on the Bitcoin follows increasing instability in the crypto-currency. After quietly making its own way in the world for a couple of years, sudden attention from mainstream media started driving large rises and falls in Bitcoin value.

Last week, what was called “the first” Bitcoin heist was reported (whether it was the first is impossible to verify), after which malware came to light that’s designed to steal users’ credentials and wallets.

This latest crisis, however, is a disaster for Bitcoin boosters, many of whom considered themselves “Bitcoin millionaires”. Their status – and the viability of Bitcoins as a genuine alternative currency – depends wholly on the ability to trade out of Bitcoins at a given exchange rate.

Bitcoin’s design is supposed to make its value self-regulating. The supply of Bitcoins is limited by their underlying algorithm: the more Bitcoins exist, the slower new ones will be created.

This purely-internal mechanism doesn’t regulate how Bitcoins interact with the outside world, once a user tries to trade out Bitcoins for “real-world” currencies. Those trades are outside the scope of Bitcoin’s design.

This attack on Bitcoins may simply reflect the stupidity of the thief: instead of trading out quietly and slowly, he attempted a double-grab: first, steal the Bitcoin account, then use a large trade to drive the value down, buy the coins back at the new, lower value, and then try to trade out completely.

However, it illustrates the problem confronting Bitcoin users. Not only do they have to implement personal security better than the likes of Sony, Nintendo or RSA can manage: they also know that only a relatively small transaction – $1,000 worth of coins, which at the pre-collapse level was fewer than 60 Bitcoins – constitutes a “run” on the currency.

How well the Bitcoin recovers in the short term depends on how well Mt Gox can restore the currency to its state before the attack. In the long term, however, Bitcoins will have to solve the kinds of problems that confront currencies in the real world. ®

Update: Since I began writing this, it has emerged that details of more than 60,000 users have been stolen from the Mt Gox exchange. The compromised information includes hashed passwords.

A reader has suggested El Reg post links to lists of cracked passwords. I'll pass on that, but if you want to know how users feel about the Bitcoin crash, the forums are here. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.