Japanese police suspect Mt. Gox theft was an inside job, but no suspect named
The attack against Mt. Gox was an inside job, according to a new report from the Yomiuri Shimbun, a national newspaper in Japan.
In the front page report, the paper cites sources close to the ongoing police investigation and claims that only 7,000 of the 650,000 missing bitcoin – approximately 1 percent – disappeared as the result of an outside cyberattack. The police “highly suspect” that the remaining 99 percent was stolen by a (still unnamed) individual or individuals “familiar with the exchange system."
While the report includes no mention of a suspect’s name, most thoughts will go directly to Mt. Gox’s mercurial CEO Mark Karpeles. The man known online as MagicalTux was notoriously secretive about his exchanges operations, employing only contractors rather than full-time staff and allegedly keeping sensitive details like the cryptographic keys to Mt. Gox’s bitcoin wallets entirely to himself. Even if it was not Karpeles himself who stole the bitcoin fortune, his paranoid and ineffective stewardship of the exchange surely contributed to its vulnerability and ultimate demise.
When the losses were first discovered, Karpeles deflected blame by pointing to transaction malleability in the core bitcoin code – a claim that core developer Gavin Andresen and other industry experts shot down. After 200,000 missing bitcoins were discovered in one of Mt. Gox’s “old wallets,” Karpeles said in a press conference that he was skeptical any more of the missing assets would be found.
In March, a public investigation into leaked Mt. Gox transaction data discovered two automated trading bots, later nicknamed “Willy” and “Markus.” Throughout much of 2013, the bots acquired roughly 570,000 BTC collectively – as of November, still several months before the exchange ceased operations – and likely played a role in Bitcoin’s rapid rise in price during the fourth quarter of last year. As the Yomiuri Shimbun notes, there’s no record of either account ever spending fiat money to make its digital currency purchases:
The investigators found at least two suspicious accounts with balances that continued to grow despite no records of bitcoin purchases, the investigators said.
The balances in clients’ accounts were transferred to these suspicious accounts through system operations. When the affected clients checked their bitcoin balances on the website, the transfers were not displayed.
From these findings, the [Metropolitan Police Department] believes that an unknown party may have repeatedly conducted sales transactions using the bitcoins transferred from clients’ accounts to earn a profit margin.
But due to the falling market and other reasons, the transactions likely generated massive losses, eventually resulting in the disappearance of clients’ bitcoins, investigators said. It’s unclear what technical capabilities Japanese police have and whether they will be able to further identify the source of the fraudulent activity. Mt. Gox bankruptcy trustees have been conducting their own investigation and have enlisted the help of the team behind Kraken, a San Francisco-based Bitcoin exchange noted for its technical sophistication and security prowess.
At its peak, Mt. Gox served 1.2 million customers, more than 120,000 of which have been named as creditors in this case. At their peak, the 650,000 missing bitcoin were valued at more than $730 million, but today are worth just $205 million, following bitcoin's steady price decline.
Neither the Yomiuri Shimbun report nor the Trustee investigation have given any indication of hope that these missing bitcoins will one day be recovered. And even identifying the location of the missing bitcoins may not be enough. Given the cryptographic nature of bitcoin wallets, authorities would likely need to also find the associated encryption keys or compel the fraudster(s) to reveal this information. The best outcome, at this point, may be to see the responsible parties caught and punished.
Today’s report indicates that Japanese police are getting closer to understanding what occurred behind the scenes at Mt. Gox. That in and of itself is reassuring, given the clandestine nature of the Bitcoin protocol. Then again, seeing the guilty party brought to justice won’t make the victims whole again, nor will it restore the confidence (and price) robbed from the Bitcoin market.