Incidents involving cryptocurrency exchanges, software companies, and other service businesses. Subscribe to Blockchain Threat Intelligence for news of the latest incidents.
The year was marked by the massive Mt. Gox user database compromise which contained a large number of unsaulted password hashes. These credentials were used to steal Bitcoin on not only Mt. Gox itself, but other websites such as MyBitcoin as well. One of the compromised Mt. Gox credentials had administrative privileges which was used to manipulate Bitcoin price and drop it to just 1 penny in what is now known as Flash Crash of 2011.
-
Project: Liberty Reserve
Date: 2011-01-20
Summary: Unsantized input with XML injection
Impact: 50,000 USD stolen
References:- Cracking MtGox - YouTube by Kim Nilsson
-
Project: Liberty Reserve
Date: 2011-01-30
Summary: Negative amounts were not checked properly.
Impact: Fixed without damage
References:- Cracking MtGox - YouTube by Kim Nilsson
-
Project: Mt. Gox
Date: 2011-03-01
Summary: Mt.Gox wallet.dat was compromised during the handover from McCaleb to Karpeles
Impact: 80,000 BTC
References:- The 80,000 stolen MtGox bitcoins by WizSec Indicators:
- 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF
- e67a0550848b7932d7796aeea16ab0e48a5cfe81c4e8cca2c5b03e0416850114 - withdrawal tx
-
Project: Mt. Gox
Date: 2011-05-22
Summary: Mark Karpeles side wallet kept on an unencrypted public drive was emptied. Attackers later returned most of the funds with a 1% fee.
Impact: 300,000 BTC
References:- The 80,000 stolen MtGox bitcoins by WizSec
- Cracking MtGox - YouTube by Kim Nilsson Indicators:
- https://blockchair.com/bitcoin/transaction/a59ab6344a8dd71789c93d28c92b85cba4a48cfae22d8da7e4e6028f9418090f - withdrawal tx
- da88c9594b1ab8693399dbd2d8c0dfef095d19a80949b4030ece2e884217e6fd - returned funds tx
- 776feb21ccbe26acf6e8d0bef2701c53d92248fee5ed61d7885a297c897990a7 - attacker's fee tx
-
Project: Mt. Gox
Date: 2011-06-17
Summary: Database compromised through SQL injection which included unsalted password hashes. Cracked Jeb McCaleb's account with administrator privileges allowed attackers to credit arbitrary accounts with Bitcoin and selling them while at the same time driving down the price.
Impact: 2000 BTC stolen through price manipulation + unknown through account compromise.
References:- Got mtgox database - Pastebin
- Clarification of Mt. Gox compromised accounts and major Bitcoin sell-off by Mt. Gox
- Kim Nilsson on His Investigation Into Mt. Gox by What Bitcoin Did
- Major Attack on the World's Largest Bitcoin Exchange by Marc Bevand
- The bitcoin flash crash to $0.01 in June 2011 by BitMEX Research
- Bitcoin Report Volume 8 - (FLASHCRASH) - YouTube
-
Project: MyBitcoin
Date: 2011-06-20
Summary: Mass compromise of credentials taken from the recent Mt. Gox compromise.
Impact: 4019 BTC stolen.
References:- From the desk of Tom Williams, operator of MyBitcoin.com Indicators:
- 1MAazCWMydsQB5ynYXqSGQDjNQMN3HFmEu
-
Project: MyBitcoin
Date: 2011-07-??
Summary: Insufficient Bitcoin confirmation count (1 block) was used to double spend the exchange over time.
Impact: 78739 BTC stolen.
References: -
Project: Bitomat
Date: 2011-07-26
Summary: Wallet database lost during AWS instance reconfiguration. Mt. Gox took over Bitomat and assumed its debts.
Impact: 17000 BTC accidentally lost.
References:- 3rd largest bitcoin exchange has lost its wallet.dat by u/chmod666 on Reddit
-
Project: Mooncoin
Date: 2011-09-11
Summary: Wallet database lost during AWS instance reconfiguration.
Impact: 4000 BTC accidentally lost.
References:- 3rd largest bitcoin exchange has lost its wallet.dat by u/chmod666 on Reddit
-
Project: Mt. Gox
Date: 2011-09-11
Summary: Database hacked. Attackers inflated account balances and withdrew funds.
Impact: 77,500 BTC
References:- Cracking MtGox - YouTube by Kim Nilsson
-
Project: Mt. Gox
Date: 2011-09-11
Summary: Hot wallet compromised (wallet.dat stolen) and funds withdrawn in October.
Impact: 630,000 BTC
References:- Cracking MtGox - YouTube by Kim Nilsson
- Kim Nilsson on His Investigation Into Mt. Gox by What Bitcoin Did
-
Project: Bitcoin7
Date: 2011-10-05
Summary: Wallets and database compromised.
Impact: 5000 BTC
References: -
Project: Mt. Gox
Date: 2011-10-01
Summary: Incorrectly detected deposits credited 48 users with bitcoin.
Impact: 30,000 BTC lost
References:- Cracking MtGox - YouTube by Kim Nilsson
- Kim Nilsson on His Investigation Into Mt. Gox by What Bitcoin Did
-
Project: Mt. Gox
Date: 2011-10-28
Summary: Bug in wallet software accidentally sent bitcoin to a null key.
Impact: 2609 BTC burned
References:- Cracking MtGox - YouTube by Kim Nilsson
- Kim Nilsson on His Investigation Into Mt. Gox by What Bitcoin Did
References