Police suspect Mt. Gox Bitcoin theft was an inside job

Was the majority of bitcoin stolen from the exchange due to fraud, rather than cyberattack?
Written by Charlie Osborne, Contributing Writer

Japanese police believe that the majority of bitcoins stolen from Mt. Gox was due to insider tampering, a new report claims.

According to Japanese publication The Yomiuri Shimbun, the fall of once-dominant bitcoin exchange Mt. Gox was due to fraud, rather than an external hack. Sources at the Japanese Metropolitan Police Department (MPD) told the newspaper that out of 650,000 missing bitcoins, only 7,000 -- or one percent -- of the poached currency was lost due to cyberattack.

Approximately 200,000 bitcoins were recovered from an "old" wallet following the Mt. Gox closure, but hundreds of thousands are still unaccounted for.

So what happened to the other 99 percent? Sources say Mt. Gox's system was "fraudulently operated by an unknown party."

As a result, the MPD's investigation of the failed bitcoin exchange now includes scrutinizing the behavior of one specific person who is "familiar with the exchange system" and may have stolen bitcoin from users by manipulating the system through fraud.

Tokyo-based Mt. Gox closed its doors without warning in February last year. The bitcoin exchange, once one of the most popular platforms online, filed for bankruptcy later in the same month. At the time, bitcoin belonging both to the exchange and users, worth approximately $500 million, vanished.

Creditors were given until November 2014 to file claims for compensation.

Rumors and whispers of fraud and an inside job have circulated since the exchange floundered. However, no fingers have been pointed specifically at members of staff or the firm's board. Mt. Gox CEO Mark Karpeles was required to attend interviews with police in Japan at the time Mt. Gox closed its doors, but no one associated with the investigation has suggested the executive is at fault.

Fraudulent trading goes against a statement issued by Mt. Gox at the time of the exchange's closure, which said a system bug which created a security flaw was at fault. The statement (.PDF) read:

"We believe that there is a high probability that these bitcoins were stolen as a result of an abuse of this bug and we have asked an expert to look at the possibility of a criminal complaint and undertake proper procedures."

According to the Yomiuri, "suspicious" accounts may provide the answer to the rest of the missing 650,000 bitcoins. Traders became alarmed after discovering two automatic trading bots, nicknamed 'Willy' and 'Markus,' which appeared in 2013 at various times. According to leaked transaction data, the bots traded high amounts of the digital currency, before vanishing. Bitcoins handled by these bots did not correlate with user accounts.

The Mt. Gox investigation is ongoing. Karpalese told PC World that "There's not much I can say at this point, except the fact that I will continue investigating in order to find what really happened."

Read on: In the world of security

Editorial standards