The biggest cryptocurrency hack in the history of blockchain

Cryptocurrency, what do you imagine? Pile of paper currency? You imagined right and wrong. While there are individuals whove made millions and companies whove made billions. Also, there are people who lost millions and companies gone bankrupt.

Reason?

A couple of reasons. The price fluctuations, poor infrastructures and investing skills, and hack attacks. That being said, in this post, you will learn everything if you dont want to lose your money to some cyber criminal.

They say more than success stories, it is the failure stories that teach a lot. If you are aiming to become an investor or have your own company you should know about these hacks. As part of this guide, we will share the biggest hack attacks that changed the course of this industry and the problem that caused it. You can mitigate the problems and avoid the loss.

Lets get started.

The year 2013, Mt. Gox is the biggest bitcoin exchange platform in the world with a 70% market share. Max Karpeles, the founder of Mt Gox was on top of the world back then.

Fast forward to 2018.

The rate at which Mt Gox was growing, Mt Gox has captured more than 95% of the bitcoin exchange market by now. Max is sitting on a pile of 100-dollar bills, just like Joker did in the Dark Knight Rises.

Amazing isnt it?

Nope. Mt. Gox is nowhere in the market. Its disappeared in thin air. No ones talking about it. No newcomers know that it even existed.

The castle Max built was so mightly that he didnt notice small cracks in the foundation of the castle. Just a year later when Mt. Gox was at top of the world, in 2014, it got hacked. 70% of the bitcoin exchange market share, and the funds, all gone in a snap.

What went wrong? Lets peep into it.

Mt. Gox was a clear winner before it went extinct. But there were some foundational problems in Mt. Gox since the beginning.

Mt Gox has been busy developing a lot of features and that led to a lot of versions of the core platform. Keeping a record of the changes made became a tedious task. Therefore, tracing back at the time of bug fixes was a next-to-impossible task.

This exactly led to affect Mt.Goxs core software to exist with bugs and not perform as expected. This problem couldve been solved with the help of VCS (version control software), but there wasnt any back in those days. Heres why a VCSs are important for any product-based company:

With a lot of code changes in the core, software led to disfunctioning of the software. Mt.Gox did not have a testing policy that could do the needful. A leader in Bitcoin exchange simply throws away code that hasnt been tested, sounds pathetic? Yes, it does.

A lot of changes in code, without testing, comes to the CEO for approval. Only Max had the right to approve any code change. This did not go well with the number of changes that were made in the codebase. Max is a great programmer, but approving these many changes that too without testing was not good. Soon, he choked up and ended up being over-occupied. Considering his designation, it was not good for the company and himself.

A lot of code changes, lack of testing, code change approvals, led to a poor management. How do you expect a human being to outperform so much work without mistake? Max is a great programmer, no second thoughts about that. But when it comes to the role of a businessperson or decision maker, Max was not up to the mark. Max as a CEO went full-length busy and failed to foresee a disaster nearing.

It was 19th June when Bitcoin price fell down to one cent, and it was a sign to incoming disaster.

Source: Wikipedia

This was not a complete system failure. Instead, there was an attack that led to a price crash. The hackers got access to auditors computer and transferred a huge number of Bitcoins to their addresses. Furthermore, they used the same exchange platform to sell all the Bitcoins, so that they can disappear with the fiat money.

This led to the price drop, only within the system. But till then, it was too late for the company to withstand the blow. By this time, the companys spine was severely damaged to survive. Way over $8.7 million was stolen and by the time the company could adjust the propellers, the ship was already directing towards another disaster.

Fast forward 2014

In 2014, Mt. Gox system went slow and so slow that US banking authorities froze Mt Gox for violating the norms. On 7th Feb 2014, the company halted all the Bitcoin transactions to crawl back to the problem.

Upon a deep investigation, MtGox team found out that the core software was under a transaction malleability attack.

What is this now, youd ask.

As you must already know that blockchain has a tremendous ability to encrypt the data that cannot tamper by anyone, not even the owner of the blockchain. The blockchain encrypts the data using the cryptographic hash function.

But theres a loophole here.

If someone hacks into the blockchains core software and tamper the transaction just before it enters the blockchain, it can create a disaster. The hacker can alter the transaction and let it enter the blockchain. Once it enters the blockchain, it has no threat of being caught. Anyway, theres no way to trace back to the source of the transaction.

The hackers can flea with the money they stole from the transaction and no one will be able to anything for this. The send wouldnt even know that their money was stolen unless the company declares it upfront.

If you look at the code of a particular transaction, youd see signature data of a transaction that goes along with the input data in the blockchain. Guess what?

This signature data can be manipulated, which further can change the transaction ID. Furthermore, changing the transaction ID will technically eliminate the original transaction from existence and make it look as if it didnt even happen.

Picture this:

Tony owes 5BTC to Mark and Mark requests 5BTC from Tony. Tony initiates the transaction by sending 5BTC to him and the transaction waits in the queue for approval. Amidst this waiting period, Mark can alter the signature and hence the transaction ID and steal 5BTC from that transaction.

After this, Mark would tell Tony that he has not received the payment. Tony would confirm it by looking at the transaction. From his end, the transaction would be shown as pending. To this, Tony would reinitiate the transaction and this time Mark wouldnt do any tampering. This way, Mark would get 10 instead of 5 BTC.

Theres another catch here. Since Mark is aware of Tonys sending address, he could easily figure out the transaction and tamper data of only that. This was not the case with data tampering happened in MtGox. Hackers tampered data of all the transactions they can roll their eyes on.

This is exactly what happened behind the scenes in the MtGox hack attack in 2014. Hackers took advantage of the mismanagement and were able to bag $473 million worth BTC for free. Furthermore, this was almost 7% of the worlds supply of Bitcoin at that time, that was stolen from MtGox.

After the attack, the graph showing the price crash is terrible to look at. By the time Bitcoin started becoming a mainstream, Mt Gox underwent this attack. Everyone thought after this attack, Bitcoin would not survive for long. Sure, immediate effects werent good enough and the price went down like a steep valley.

Mt Gox declared bankruptcy after this attack and price crash. However, later it was discovered that the Bitcoin that were stolen were being laundered through another exchange, BTC-e. Alexander Vinnik, the owner of BTC-e has been accused of laundering the stolen Bitcoins. The Greek court has moved this case from their national jurisdiction to the US regulatories. If the accusation is right, he will be sentenced to 55 years of prison.

Bitcoin, as a network of the blockchain, was powerful enough to withstand the attack.

Another hack attack that happened recently ripped the industry one more time. This time it was $80 million or 4700 BTC. On Dec 6th, 2017, around 00:18 GMT, Solvenian exchange platform was hacked.

Announcing about the attack, CEO of NiceHash, Marko Kobal appeared on Facebook live. He addressed the followers and announced about the attack. As you would expect, he refrained from revealing much about the attack. The only thing he said was that an employees computer was compromised that led to the heist.

NiceHash suspended all the transactions for next 24 hours to reverse analyze what went wrong and know what exactly couldve saved the platform from attack. In a press release, this is what Marko said,

Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken. Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days. In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency.

Sure, there have been many cryptocurrency hacks. But in our opinion, there hasnt been any attack as Mt Gox. It tore apart the industry and faith of investors that their money is safe in this decentralized platform.

The key thing here to note is that all these attacks were on exchange platforms. It is nearly impossible to attack a blockchain and steal funds from there. Like Mt Gox, if someone tries to alter transaction ID and steal money from the transaction before it gets confirmed. Its impossible without an exchange platform. Because thats the only medium where hackers can get hold of a transaction. If there werent exchange platforms, there would be a 100 percent safe fund transfer experience. There is no room for a hacker to phish and steal anything from the network.

Furthermore, there have been attacks like the DAO on Ethereum (detailed analysis-based guide coming up), that led to the birth of whole new blockchain, Ethereum, and Ethereum classic. The original blockchain had to fork out (hard fork) and form a whole new blockchain platform.

That being said, you are now well-informed to take an educated decision and invest in cryptocurrency or create a cryptocurrency exchange platform or create a cryptocurrency. There has been enough attack on this amazing new space where everything is possible.

That being said, we made it to the end of this guide. We are sure that we helped you understand the reasons why a platform gets attacked and how you can avoid it. Share this post on your social media platforms to help more people understand about this.

Read more:
The biggest cryptocurrency hack in the history of blockchain

Related Post

Comments are closed.