back to article Mt Gox fielded MASSIVE DDOS attack before collapse

A Japanese newspaper is reporting that during the spectacular collapse of the Mt Gox Bitcoin exchange, the operation's servers were also suffering a large-scale DDOS attack. The Yomiuri Shimbun's English-language Japan News reports that the attacks in early February reached 150,000 DDOS hits per second, “mostly from servers in …

COMMENTS

This topic is closed for new posts.
Holmes

An actual DDOS?

Or just everybody trying to get through to get their bitcoins out?

8
0
Boffin

The headline is rather misleading...

...since in military parlance, "fielding" something means bringing it into combat. So the headline "Mt Gox fielded MASSIVE DDOS attack before collapse" (emphasis added by commentard) implies that Mt Gox itself started a DDOS attack, not that it was the subject of one.

10
0
Silver badge

Re: The headline is rather misleading...

Rather confusing old chap...

In cricket and baseball it means catching and handling a ball hit by the opposing team.

Since baseball is probably bigger than the military in Japan we can probably use this meaning.

5
0
Silver badge

Re: The headline is rather misleading...

Misleading, perhaps, but it could also be bang on. We still don't know just how complicit they were. Sometimes where there's smoke there's fire, and a "massive" DDOS attack does create a smoke screen.

1
0
Silver badge

Re: The headline is rather misleading...

> Mt Gox itself started a DDOS

I wouldn't consider that impossible at all.

1
0
Anonymous Coward

Re: The headline is rather misleading...

"baseball"

That's Rounders for Americans + lots of spitting, right?

0
0
Thumb Up

Re: The headline is rather misleading...

Many years ago, on a holiday to the US, I was sitting at a bar and discussing with some of the locals the merits of different sports when I happened to mention that Baseball was played in the UK, known as Rounders and normally played my young girls.

My innocent comment nearly started a bar fight!

1
0
Anonymous Coward

Maybe it's just me, but if you're MtGox, and you know your security is... shall we say, so-so... and you get a big honkin' DDOS so everything is nuts... wouldn't your first move, given Bitcoins' weaknesses, to run the fuck around unplugging network cables? Or would that not have done any good?

8
0
Bronze badge

>It later emerged that attackers had found a way to exploit

>the Mt Gox code to steal 850,000 Bitcoins worth hundreds of millions of dollars.

Zero evidence of this and Mt Gox themselves said the coins were stolen via "transaction malleability" over years.

The fact that coins that Mt Gox moved and hasn't touched since 2011 were moving all over the place over the weekend suggests that there is a little bit more to this story than Mt Gox have been making out.

3
0
Silver badge
Holmes

"850,000 Bitcoins worth hundreds of millions of dollars"

I love how the press throws around numbers like this when there is a loss or a crime. For instance, every time a shipment of illegal drugs is seized by the police in America, the press quickly declares that the shipment "had a street value of $50 million dollars" or some such.

It should be noted that "hundreds of millions of dollars" would be maximum value under ideal conditions. Just like selling street drugs in America for $50 million would be "maximum value under ideal conditions". The fact is, those ideal conditions are unlikely ever to be met either in the case of a failed drug sale or a flopped bitcoin exchange. Buyers may not have been willing to part with maximum price for questionable coin from MtGox - so the "hundreds of millions" might be a totally bogus number in the first place.

3
0
Silver badge
Coat

exaggerated values

I love how the press throws around numbers like this when there is a loss or a crime. For instance, every time a shipment of illegal drugs is seized by the police in America, the press quickly declares that the shipment "had a street value of $50 million dollars" or some such.

Blank cheque found . . . worth billions of dollars. (until you cash it)

2
0
Silver badge

According to BitcoinAverage.com, which gives a weighted average of the current/recent prices on several exchanges, at the time of writing, the price of one bitcoin is $627.

$627/BTC x 850,000 BTC = $532,950,000

This is assuming you were able to shift those coins at a reasonable rate without causing the exchange to collapse. Given that the daily volume appears to be around 30,000 BTC, it would probably take some months to convert those to cash, but the exhange rate does seem to have stayed pretty constant over the last few weeks.

I think that falls pretty well into the 'hundreds of millions of dollars' bracket, either way, without any need to start waffling about 'street drugs', which has absolutely no relevance.

0
0
Anonymous Coward

When spread over their various owners, the value could easily be the stated amount, since they wouldn't all spend them at once, and they'd spend them in different places.

So, the *loss to the owners* was $850m (at the given exchange rate); the *value to the thieves* would be substantially less due to the above-mentioned concerns.

0
0
Mushroom

Re: 850,000 Bitcoins worth hundreds of millions of dollars

Except that a very recent leak revealed that MtGox had over 950,000 Bitcoins?

Considering MtGox's "trustworthiness" then (oh who am I kidding, this is the same MtGox which had parsed usernames and passwords in plaintext through URL's when the site first launched) I wouldn't be surprised if MtGox DDoS'd themselves in order to portray a false image of MtGox being the victim.

3
0
Coffee/keyboard

Burning Chrome

Burning Chrome foresaw such.

2
0
Silver badge
Trollface

Re: Burning Chrome

In this case, Burning Gox!

0
0
Silver badge
Holmes

Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

Anything to it?

Bitcoin Banking

The claim that Mt. Gox was operating with fractional reserves came as shocking to some. After all, the exchange functioned by providing a shared wallet for depositors. Each time a deposit was made in bitcoin, the proceeds were moved to the shared wallet. This wallet was safely stored offline (“cold storage”) so that hackers could not gain access to them. In addition, a very high percentage of bitcoin was supposedly stored in this way – up to 98% by some claims – with only a small amount held online to facilitate withdrawals and other transactions.

In theory, since almost all of the bitcoin were held safely offline by Mt. Gox, the “bitcoin bank” should have been behaving like any standard full-reserve bank. The evidence over the past months proved this to be anything but the reality of the situation.

...

Mt. Gox is a little different. Despite holding the vast majority of its bitcoin securely in cold storage, its claim is that somehow these were stolen by someone. In standard fractional-reserve banking theory, the reason a less than 100% reserve is held is because the bank has knowingly made use of the deposited goods, not because hackers have prevailed in cracking an impervious safe. The dust will settle on what happened to the bitcoins deposited with Mt. Gox. For now I will let Occam´s razor prevail in providing me with an answer to the whereabouts of the missing coins.

0
0
Bronze badge

Re: Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

So the equivalent not of a stick up, but of someone walking in an taking the safe?

0
0
Silver badge
Holmes

Re: Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

Or just the safe being emptier than it should be in the first place: loaning out the money one should keep in the vault so that dosh can be made for oneself --- while praying that not all the depositors will demand their money back at the same time.

The reason for why "bank runs" happen and, today, basically large orders are suddenly placed to printshops by politicians getting the cold sweats.

"transaction malleability" sounds suspiciously like exactly that. I have no idea whether bitcoin technically allows this.

0
0
Bronze badge

Re: Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

>Or just the safe being emptier than it should be in the first place:

>loaning out the money one should keep in the vault so that dosh

>can be made for oneself

That's called "fractional reserver banking". That's what the words mean.

0
0
Silver badge

Re: Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

This is correct.

0
0
Silver badge

Re: Rumors that Mt Gox was doing a bit of fractional reserve banking on the side...

"transaction malleability" sounds suspiciously like exactly that. I have no idea whether bitcoin technically allows this.

"Transaction melleability" refers to a vulnerability in the bitcoin protocol known about in 2011, and for which a fix was done then in the standard bitcoin client. For MtGox not to have applied this fix to their own code suggests a severe level of incompetence on their own part, akin to running a bank's servers on a public-facing unpatched WinXP box.

0
0
Bronze badge

links

http://www.theregister.co.uk/2013/08/21/cyberheist_ddos_smokescreen/

"Cybercrooks are running distributed denial of service attacks as a smokescreen to distract bank security staff while they plunder online banking systems"

http://www.theregister.co.uk/2013/10/17/bitcoin_exchange_ddos_flood/

"mystery DDoSers tried to take down Bitcoin exchange with 100Gbps crapflood"

http://www.theregister.co.uk/2013/11/29/uk_banks_cyber_threat_warning/

"Concerns that high-volume DDoS attacks of the type that interrupted the operations of US banks last year might easily be deployed against Britain banks to similar effect have fortunately proved groundless"

0
0
Facepalm

It was NSA and GCHQ. They are working for the banksters.

0
0
Silver badge

It's all Obama's fault!

0
0
This topic is closed for new posts.

Forums