In 2014, Japan-based Mt.Gox cryptocurrency exchange was processing over two thirds of all bitcoin trades on the planet. Then, suddenly, the exchange collapsed. The exchange lost $400 million in bitcoin. Investors lost fortunes.
One man, however, decided to fight back. Software engineer Kim Nilsson lost access to his bitcoins in 2014. The police didn’t even understand how the theft had worked – and they certainly weren’t able to help him solve it. So Nilsson decided to take matters into his own hands.
You can view a 40-minute presentation from Breaking Bitcoin on Nilsson’s findings here. In that presentation, Nilsson describes how he investigated the heist, tracked down the culprits, and delivered justice for users who lost money in the collapse of Mt. Gox.
Nilsson’s story first appeared online in 2017. However, earlier today, The Wall Street Journal featured a story on Kim Nilsson titled, “The Man Who Solved Bitcoin’s Most Notorious Heist.” In that article, The Wall Street Journal explains how Nilsson fought back and investigated the exchange.
How Nilsson Solved the Mt. Gox Heist
Here’s the basic overview of how Kim Nilsson managed to crack the case with Mt. Gox:
Nilsson and Wizsec Scan the Public Blockchain to Identify Mt. Gox Addresses
- Nilsson realized that deposits and withdrawals were all posted on the public blockchain, making it easy to check the amount of money Mt. Gox took in compared to the amount of money Mt. Gox paid out. By subtracting the amount of withdrawals from the amount of holdings, Nilsson was able to see if there was a discrepancy. Since these were customer funds, a discrepancy would mean evidence of theft.
- Mt. Gox refused to provide a copy of the database when asked by Nilsson. However, Mt. Gox’s database had row-level exports leaked multiple times, allowing the partial reconstruction of their transaction history.
- Wizsec then built an index of the entire bitcoin blockchain correlated with all known activity on Mt. Gox, including deposits, withdrawals, and transfers.
- This index allowed Wizsec to reconstruct wallets and find hidden relationships between sets of bitcoin addresses. Wizsec then clustered transactions into wallets.
- Wizsec de-anonymized wallets using open source information, comparing the date, amount transferred, and number of confirmations against data posted online, such as on bitcoin forums, together with forum metadata.
- Wizsec ultimately identified approximately 2 million addresses belonging to Mt. Gox, allowing the security group to reconstruct Mt. Gox’s total holdings over time. Any withdrawals from Mt. Gox addresses that do not correspond to withdrawal records in the database are, presumably, thefts.
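The reconciliation described above, reduced to its core, as an added example (not Wizsec’s code): compute the running on-chain balance of a known set of exchange addresses and flag every outflow to an outside address that no withdrawal record in the exchange’s own ledger explains. The transactions, addresses and ledger entries are constructed sample data.

```python
from collections import Counter

# Constructed sample data, not from the page. Amounts are in satoshis.
# Each transaction lists (address, amount) inputs and outputs.
EXCHANGE_ADDRS = {"gox_a", "gox_b", "gox_c"}   # addresses attributed to the exchange

TXS = [
    {"id": "t1", "in": [("cust_1", 500_000)], "out": [("gox_a", 500_000)]},                     # customer deposit
    {"id": "t2", "in": [("gox_a", 500_000)], "out": [("ext_1", 200_000), ("gox_b", 300_000)]},  # recorded withdrawal plus change
    {"id": "t3", "in": [("gox_b", 300_000)], "out": [("ext_2", 300_000)]},                      # no matching withdrawal record
]

# The exchange's own withdrawal ledger: (destination address, amount) per approved withdrawal.
WITHDRAWAL_LEDGER = [("ext_1", 200_000)]


def holdings_over_time(txs, addrs):
    """Running on-chain balance of the exchange's address set after each transaction."""
    balance, history = 0, []
    for tx in txs:
        balance -= sum(amt for addr, amt in tx["in"] if addr in addrs)
        balance += sum(amt for addr, amt in tx["out"] if addr in addrs)
        history.append((tx["id"], balance))
    return history


def unexplained_outflows(txs, addrs, ledger):
    """Outputs paid from exchange-controlled inputs to outside addresses that no
    ledger record explains. Each ledger entry may justify exactly one output."""
    pending = Counter(ledger)
    flagged = []
    for tx in txs:
        if not any(addr in addrs for addr, _ in tx["in"]):
            continue                        # not spending exchange funds
        for dest, amt in tx["out"]:
            if dest in addrs:
                continue                    # change returning to the exchange
            if pending[(dest, amt)] > 0:
                pending[(dest, amt)] -= 1   # approved withdrawal
            else:
                flagged.append((tx["id"], dest, amt))
    return flagged


if __name__ == "__main__":
    print(holdings_over_time(TXS, EXCHANGE_ADDRS))
    print(unexplained_outflows(TXS, EXCHANGE_ADDRS, WITHDRAWAL_LEDGER))
```

Run against a full address cluster and a complete ledger, the same two functions give the holdings curve and the list of candidate thefts the text describes.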
Mt. Gox’s CEO is Arrested in 2015
- In 2015, Wizsec published details of the thefts. This was before rumors of the impending arrest of the Mt. Gox CEO. Up to this point, it was just assumed that Mt. Gox had been hacked.
- Mt. Gox’s CEO denies allegations of his impending arrest. He is arrested 8 hours later.
- By 2016, Wizsec and authorities had evidence of multiple thefts dating all the way back to 2011. Nilsson claims Mt. Gox had been “insolvent since 2011” and that “we had evidence that Mt. Gox was trading its liabilities on its own exchange, later known as the WillyBot.”
- Mt. Gox allegedly laundered these thefts by pairing thefts from Mt. Gox with thefts of other coins.
- Wizsec identifies a suspect in laundering these thefts: Alexander Vinnik. Wizsec avoided releasing Vinnik’s name until he was arrested by law enforcement in the United States.
- Wizsec identified Vinnik because Vinnik did not use tumblers or mixers in 2011 to obfuscate his bitcoins. He also used accounts on exchanges that were robbed or hacked. Plus, Vinnik used his real name online in connection with transactions that touched tainted coins. As Nilsson explains in his presentation, “If you’re going to steal coins, maybe don’t [use your real name online].”
- Wizsec, however, did not believe that Vinnik was the thief: he was just the launderer.
Nilsson and Wizsec Continue Investigating Shady Transactions
- Mt. Gox’s private keys were stolen when a copy of wallet.dat was lost. We know that because wallet.dat at the time included a pool of 100 pre-generated private keys for future transactions, used, for example, as change addresses later on. If someone gets a copy of your wallet.dat, your next 100 transactions and the thief’s next 100 transactions draw their change addresses from the same 100 pre-generated keys. This is easy to spot on the blockchain.
- Using this nifty trick, Nilsson and the Wizsec team were able to date the theft to September 11, 2011 at 21:30 UTC.
- The change from the thief’s transactions went to addresses that Mt. Gox had allocated to customers as deposit addresses. That means each time the thief spent money, the change (which the thief still controlled) was seen by Mt. Gox as a deposit from an unrelated customer, and that customer was credited with free BTC on Mt. Gox. Depositors who received free bitcoin immediately withdrew it. Dozens of Mt. Gox users received free BTC and apparently kept quiet about it.
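The keypool signal from the three points above, as an added example (not Wizsec’s code): given the exchange’s pre-generated keypool and the set of transactions its own systems actually signed, any other transaction that spends from the keypool or sends change into it means a second party holds the same wallet keys, and the function below also tallies the phantom deposits that such change would be credited to customers. The keypool, owner mapping and transactions are constructed sample data.

```python
from collections import Counter

# Constructed sample data, not from the page. Amounts are in satoshis.
# KEYPOOL: addresses pre-generated in the exchange's wallet.dat (the real keypool
# held 100; six are shown). DEPOSIT_OWNER: keypool addresses already handed out
# to customers as deposit addresses.
KEYPOOL = ["kp_1", "kp_2", "kp_3", "kp_4", "kp_5", "kp_6"]
DEPOSIT_OWNER = {"kp_1": "alice", "kp_2": "bob", "kp_3": "carol"}
EXCHANGE_TXIDS = {"t10"}   # transactions the exchange's own systems actually signed

TXS = [
    {"id": "t10", "in": ["gox_hot"],  "out": [("merchant", 100_000), ("kp_1", 400_000)]},        # ours: change to kp_1
    {"id": "t11", "in": ["gox_cold"], "out": [("outside_1", 1_000_000), ("kp_2", 4_000_000)]},   # not ours: change lands in kp_2
    {"id": "t12", "in": ["kp_2"],     "out": [("outside_2", 3_500_000), ("kp_3", 500_000)]},     # thief spends that change again
]


def keypool_anomalies(txs, keypool, exchange_txids):
    """Transactions the exchange never signed that either spend from its keypool
    or pay change into it. Either one means someone else holds the wallet keys."""
    kp = set(keypool)
    found = []
    for tx in txs:
        if tx["id"] in exchange_txids:
            continue
        for addr in tx["in"]:
            if addr in kp:
                found.append((tx["id"], "spent_from_keypool", addr, None))
        for dest, amt in tx["out"]:
            if dest in kp:
                found.append((tx["id"], "change_into_keypool", dest, amt))
    return found


def phantom_deposits(anomalies, owner):
    """What the exchange's deposit logic would credit customers for foreign change."""
    credits = Counter()
    for _, kind, addr, amt in anomalies:
        if kind == "change_into_keypool" and addr in owner:
            credits[owner[addr]] += amt
    return credits


if __name__ == "__main__":
    found = keypool_anomalies(TXS, KEYPOOL, EXCHANGE_TXIDS)
    print(found)
    print(phantom_deposits(found, DEPOSIT_OWNER))
```

The earliest timestamp among the flagged transactions is the dating trick the text refers to.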
Mt. Gox Was Hacked Multiple Times Before 2015 and Was Periodically Insolvent
- In March 2011, Mt. Gox is sold. At this point, the exchange is already insolvent. At various points throughout its history, Mt. Gox had already hit reserves of 0 BTC. The thefts that took place before 2011 that made the exchange insolvent were actually relatively small.
- Nilsson explains several thefts that took place over the years. Mt. Gox lost $50,000 in an XML injection attack that led to an unsigned input, for example. They also had their hot wallet stolen before the exchange was sold, leading to the loss of 80,000 BTC. Interestingly, those 80,000 BTC have not moved since 2011.
- Mt. Gox once lost 300,000 BTC in an off-site wallet from an unsecured network drive exposed to the internet. The thief returned those bitcoins for a 3,000 BTC finder’s fee. However, for a brief time, Mt. Gox had lost its entire reserves. Mt. Gox promised the hacker they wouldn’t investigate in exchange for the 3,000 BTC finder’s fee.
- Because of these hacks and others, Mt. Gox implemented an “obligation exchange”. This is the infamous WillyBot, an internal tool that balanced how insolvent the exchange was in USD against how insolvent it was in BTC, so as to avoid a liquidity crunch in either. When USD reserves were running low, for example, WillyBot would sell BTC for USD.
- In June 2011, the previous administrator’s admin credentials were hacked. The thief was able to reward himself (or herself) an infinite USD balance and purchase coins with that balance. The thief eventually withdrew 2,000 BTC in stolen funds.
- In September 2011, Mt. Gox’s database was hacked and an arbitrary read/write took place, leading to the loss of 77,500 BTC.
- We still haven’t gotten to the main theft – the one for which Mt. Gox is infamous. The main theft took place between September 11, 2011 and October 1, 2011. During this period, a thief was able to get the wallet.dat file and siphon 630,000 BTC away. Mt. Gox did not notice. Nilsson criticized Mt. Gox for not having a monitoring feature on its holdings. This meant they didn’t notice the hack until it was far too late.
- In October 2011, Mt. Gox compounded the problem further when it accidentally destroyed 2,609 BTC by sending them to an unspendable address via a software bug.
At the End of the Day, Mt. Gox is Left With 220,000 BTC
- Nilsson and the Wizsec team tracked all of the Mt. Gox addresses to determine where and how money was being withdrawn and deposited.
- After all of these hacks over the years, Mt. Gox had lost a total of $60 million (or around 865,000 BTC) to thefts and malicious attacks. Mt. Gox lost an additional $51.6 million and 22,000 BTC through WillyBot’s trading losses.
- Mt. Gox reported liabilities of 950,000 BTC in customer deposits and 100,000 BTC in assets (including the company’s BTC held on the exchange).
- Nilsson and the Wizsec team had expected to find 1.05 million BTC on deposit, and they knew that 865,000 were lost to hacks and malicious attacks. This means after bankruptcy, Mt. Gox would be expected to have 220,000 BTC.
Mt. Gox Could Have Avoided All of This
- Mt. Gox didn’t run into trouble because it got hacked. Every exchange faces hacking attacks and many exchanges have lost BTC in those attacks.
- What sunk Mt. Gox was the secrecy. Nilsson claims the company would have been shut down in 2011 if it hadn’t been secretive.
- Ideally, Mt. Gox would have disclosed the attacks early and avoided implementing WillyBot. WillyBot didn’t solve the problem: it just delayed the inevitable.
- Monitoring and auditing would have uncovered undeniable evidence of insolvency, which is why Mt. Gox didn’t implement monitoring for years. This made it difficult for Mt. Gox to spot the big attack – the loss of 630,000 BTC – when it took place.
Ultimately, Nilsson and the Wizsec team have performed some of the most comprehensive research regarding Mt. Gox’s infamous loss of bitcoins. The trial against Mt. Gox continues in Japanese courtrooms. You can read the full story about Nilsson’s efforts to investigate Mt. Gox in The Wall Street Journal here.