• bitcoinBitcoin (BTC) $ 90,143.00
  • ethereumEthereum (ETH) $ 3,192.35
  • tetherTether (USDT) $ 1.00
  • xrpXRP (XRP) $ 2.01
  • bnbBNB (BNB) $ 868.11
  • usd-coinUSDC (USDC) $ 0.999939
  • staked-etherLido Staked Ether (STETH) $ 3,190.92
  • tronTRON (TRX) $ 0.281082
  • dogecoinDogecoin (DOGE) $ 0.137996
  • cardanoCardano (ADA) $ 0.415886
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.02
  • whitebitWhiteBIT Coin (WBT) $ 61.17
  • wrapped-stethWrapped stETH (WSTETH) $ 3,898.93
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,463.49
  • bitcoin-cashBitcoin Cash (BCH) $ 564.07
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 89,829.00
  • usdsUSDS (USDS) $ 0.999678
  • chainlinkChainlink (LINK) $ 13.62
  • wrapped-eethWrapped eETH (WEETH) $ 3,456.32
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999912
  • leo-tokenLEO Token (LEO) $ 9.41
  • wethWETH (WETH) $ 3,191.11
  • stellarStellar (XLM) $ 0.243480
  • moneroMonero (XMR) $ 403.92
  • hyperliquidHyperliquid (HYPE) $ 27.43
  • zcashZcash (ZEC) $ 444.92
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 90,133.00
  • ethena-usdeEthena USDe (USDE) $ 0.999392
  • litecoinLitecoin (LTC) $ 80.99
  • suiSui (SUI) $ 1.54
  • avalanche-2Avalanche (AVAX) $ 13.34
  • hedera-hashgraphHedera (HBAR) $ 0.130090
  • shiba-inuShiba Inu (SHIB) $ 0.000008
  • usdt0USDT0 (USDT0) $ 0.999835
  • susdssUSDS (SUSDS) $ 1.09
  • daiDai (DAI) $ 0.999228
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.148469
  • the-open-networkToncoin (TON) $ 1.62
  • paypal-usdPayPal USD (PYUSD) $ 0.999962
  • crypto-com-chainCronos (CRO) $ 0.100784
  • mantleMantle (MNT) $ 1.14
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • uniswapUniswap (UNI) $ 5.37
  • polkadotPolkadot (DOT) $ 2.05
  • aaveAave (AAVE) $ 191.67
  • bittensorBittensor (TAO) $ 293.83
  • usd1-wlfiUSD1 (USD1) $ 0.999131
  • canton-networkCanton (CC) $ 0.073161
  • rainRain (RAIN) $ 0.007682
  • memecoreMemeCore (M) $ 1.50
  • bitget-tokenBitget Token (BGB) $ 3.59
  • okbOKB (OKB) $ 114.06
  • falcon-financeFalcon USD (USDF) $ 0.998823
  • tether-goldTether Gold (XAUT) $ 4,212.98
  • nearNEAR Protocol (NEAR) $ 1.66
  • ethereum-classicEthereum Classic (ETC) $ 13.08
  • ethenaEthena (ENA) $ 0.255760
  • aster-2Aster (ASTER) $ 0.936289
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,191.10
  • pepePepe (PEPE) $ 0.000004
  • jito-staked-solJito Staked SOL (JITOSOL) $ 163.79
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • internet-computerInternet Computer (ICP) $ 3.35
  • pi-networkPi Network (PI) $ 0.207649
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.64
  • pump-funPump.fun (PUMP) $ 0.002786
  • solanaSolana (SOL) $ 131.40
  • hash-2Provenance Blockchain (HASH) $ 0.029903
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.14
  • htx-daoHTX DAO (HTX) $ 0.000002
  • ondo-financeOndo (ONDO) $ 0.468120
  • worldcoin-wldWorldcoin (WLD) $ 0.589559
  • pax-goldPAX Gold (PAXG) $ 4,226.08
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,192.06
  • global-dollarGlobal Dollar (USDG) $ 0.999977
  • kucoin-sharesKuCoin (KCS) $ 10.55
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,667.73
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • bfusdBFUSD (BFUSD) $ 0.999431
  • ripple-usdRipple USD (RLUSD) $ 0.999783
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999714
  • kaspaKaspa (KAS) $ 0.048070
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.119779
  • skySky (SKY) $ 0.054696
  • aptosAptos (APT) $ 1.70
  • quant-networkQuant (QNT) $ 83.25
  • gatechain-tokenGate (GT) $ 10.27
  • arbitrumArbitrum (ARB) $ 0.207611
  • wbnbWrapped BNB (WBNB) $ 867.75
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,380.25
  • algorandAlgorand (ALGO) $ 0.130290
  • binance-staked-solBinance Staked SOL (BNSOL) $ 142.77
  • official-trumpOfficial Trump (TRUMP) $ 5.65
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,422.21
  • cosmosCosmos Hub (ATOM) $ 2.18
  • ignition-fbtcFunction FBTC (FBTC) $ 89,713.00
  • vechainVeChain (VET) $ 0.011836
  • flare-networksFlare (FLR) $ 0.012608
  • filecoinFilecoin (FIL) $ 1.38
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 90,042.00
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 89,855.00
  • nexoNEXO (NEXO) $ 0.961211
  • xdce-crowd-saleXDC Network (XDC) $ 0.050078
  • sei-networkSei (SEI) $ 0.134216
  • usdtbUSDtb (USDTB) $ 1.00
  • render-tokenRender (RENDER) $ 1.59
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.92
  • ousgOUSG (OUSG) $ 113.59
  • wrappedm-by-m0WrappedM by M^0 (WM) $ 0.999811
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 27.61
  • bonkBonk (BONK) $ 0.000009
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,460.57
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.21
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,401.91
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998303
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 89,880.00
  • wrapped-flareWrapped Flare (WFLR) $ 0.012601
  • midnight-3Midnight (NIGHT) $ 0.042478
  • clbtcclBTC (CLBTC) $ 89,965.00
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.010972
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999804
  • jupiter-exchange-solanaJupiter (JUP) $ 0.214445
  • story-2Story (IP) $ 2.01
  • usddUSDD (USDD) $ 1.00
  • beldexBeldex (BDX) $ 0.087412
  • ultimaUltima (ULTIMA) $ 6,548.94
  • usdaiUSDai (USDAI) $ 0.998533
  • morphoMorpho (MORPHO) $ 1.19
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999662
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 151.80
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,298.50
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.240028
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,192.01
  • dashDash (DASH) $ 48.60
  • myx-financeMYX Finance (MYX) $ 3.07
  • optimismOptimism (OP) $ 0.305238
  • spx6900SPX6900 (SPX) $ 0.602876
  • aerodrome-financeAerodrome Finance (AERO) $ 0.615682
  • curve-dao-tokenCurve DAO (CRV) $ 0.384832
  • tbtctBTC (TBTC) $ 89,936.00
  • usual-usdUsual USD (USD0) $ 0.996230
  • injective-protocolInjective (INJ) $ 5.46
  • tezosTezos (XTZ) $ 0.511474
  • blockstackStacks (STX) $ 0.293027
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.810513
  • lido-daoLido DAO (LDO) $ 0.588301
  • bridged-wrapped-ether-pundi-aifx-omnilayerBridged Wrapped Ether (Pundi AIFX Omnilayer) (WETH) $ 35,382,014.00
  • starknetStarknet (STRK) $ 0.106699
  • gtethGTETH (GTETH) $ 3,190.07
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,188.59
  • celestiaCelestia (TIA) $ 0.580828
  • true-usdTrueUSD (TUSD) $ 0.997308
  • cgeth-hashkey-cloudcgETH Hashkey Cloud (CGETH.HASH) $ 2,460.42
  • telcoinTelcoin (TEL) $ 0.005098
  • ether-fiEther.fi (ETHFI) $ 0.793891
  • stader-ethxStader ETHx (ETHX) $ 3,432.01
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.22
  • msolMarinade Staked SOL (MSOL) $ 176.63
  • the-graphThe Graph (GRT) $ 0.043691
  • wrapped-apecoinWrapped ApeCoin (WAPE) $ 0.227239
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,394.93
  • ghoGHO (GHO) $ 1.00
  • flokiFLOKI (FLOKI) $ 0.000046
  • kaiaKaia (KAIA) $ 0.075379
  • mantle-bridged-usdt-mantleMantle Bridged USDT (Mantle) (USDT) $ 0.997237
  • doublezeroDoubleZero (2Z) $ 0.124360
  • iotaIOTA (IOTA) $ 0.102219
  • newton-projectAB (AB) $ 0.004678
  • swethSwell Ethereum (SWETH) $ 3,499.62
  • bittorrentBitTorrent (BTT) $ 0.00000042
  • ethereum-name-serviceEthereum Name Service (ENS) $ 10.91
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,552.76
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • trust-wallet-tokenTrust Wallet (TWT) $ 0.976100
  • usdbUSDB (USDB) $ 1.00
  • bitcoin-svBitcoin SV (BSV) $ 20.10
  • sbtc-2sBTC (SBTC) $ 90,601.00
  • sun-tokenSun Token (SUN) $ 0.020680
  • basic-attention-tokenBasic Attention (BAT) $ 0.264340
  • lorenzo-wrapped-bitcoinLorenzo Wrapped Bitcoin (ENZOBTC) $ 90,454.00
  • dogwifcoindogwifhat (WIF) $ 0.383182
  • justJUST (JST) $ 0.038264
  • pendlePendle (PENDLE) $ 2.28
  • merlin-chainMerlin Chain (MERL) $ 0.354878
  • conflux-tokenConflux (CFX) $ 0.071945
  • pyth-networkPyth Network (PYTH) $ 0.064461
  • olympusOlympus (OHM) $ 22.60
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 90,067.00
  • decredDecred (DCR) $ 21.18
  • apenftAINFT (NFT) $ 0.00000036
  • the-sandboxThe Sandbox (SAND) $ 0.136320
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.138139
  • sonic-3Sonic (S) $ 0.091633
  • fartcoinFartcoin (FARTCOIN) $ 0.345355
  • heliumHelium (HNT) $ 1.85
  • chilizChiliz (CHZ) $ 0.033677
  • pippinpippin (PIPPIN) $ 0.340938
Bitcoin

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

By admin
0 27

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Former Mt. Gox CEO Mark Karpelès probably wishes he had access to today’s artificial intelligence when he bought Mt. Gox from its founder, Jed McCaleb, in 2011.

That’s because Karpelès has just fed an early version of Mt. Gox’s codebase into Anthropic’s Claude AI. What he got back was an analysis that broke down the key vulnerabilities that led to the defunct exchange’s first major hack, while labelling it “critically insecure.”

In a Sunday X post, Karpelès said he uploaded Mt. Gox’s 2011 codebase to Claude, alongside various data, including GitHub history, access logs and data “dumps released by” the hacker.

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Source: Mark Karpelès

The analysis from Claude AI said Mt. Gox’s 2011 codebase represented a “feature-rich but critically insecure Bitcoin exchange.”

“The developer (Jed McCaleb) demonstrated strong software engineering capabilities in terms of architecture and feature implementation, creating a sophisticated trading platform in just 3 months,” the analysis reads, adding, however, that:

“The codebase contained multiple critical security vulnerabilities that were targeted in the June 2011 hack. Security improvements made between ownership transfer and the attack partially mitigated the impact.”

Karpelès took over the reins of the Japan-based Mt. Gox in March 2011 after buying the exchange from founder and developer Jed McCaleb. The exchange then suffered a hack around three months later that saw 2,000 Bitcoin (BTC) drained from the platform.

“I didn’t get to look at the code before taking over; it was dumped on me as soon as the contract was signed (I know better now, due diligence goes a long way),” added in a comment on his X post.

Claude AI’s post-mortem of Mt. Gox

According to Claude AI, the key vulnerabilities consisted of a mixture of code flaws, a lack of internal documentation, weak admin and user passwords and retained account access of prior admins after new ownership handover.

The hack was sparked by a major data breach after Karpelès’ WordPress blog account and some of his social media accounts were compromised.

“Contributing factors included: the insecure original platform, undocumented WordPress installation, retained admin access for ‘audits’ after ownership transfer, and a weak password for a critical admin account,” the analysis reads.

The analysis also outlined that some changes pre- and post-hack “mitigated some attack vectors,” preventing the attack from being a lot worse than it could have been.

Such changes included an update to a salted hashing algorithm to provide greater password protection, fixing an SQL injection hacking code in the main application, and implementing “proper locking around withdrawals.”

“The salted hashing prevented mass compromise and forced individual brute forcing, but no hashing algorithm can protect weak passwords. The withdrawal locking prevented the more severe outcome of tens of thousands of BTC being drained via the $0.01 withdrawal limit exploit,” the analysis reads, adding:

“This codebase was targeted in a sophisticated attack in June 2011. Security improvements had been made in the 3 months since ownership transfer, which affected the attack outcome. This incident demonstrates both the severity of the original codebase’s vulnerabilities and the partial effectiveness of remediation efforts.”

While the analysis suggests AI could have helped shore up specific coding flaws, the core of the breach was the result of poor internal processes, weak passwords, and a critical lack of network segmentation that let a blog breach threaten the entire exchange.

Unfortunately, AI cannot prevent human error.

Mt. Gox still impacts the market a decade later

Despite being defunct for over a decade, Mt. Gox has continued to have an impact on the market over the past couple of years, as large sums of Bitcoin (BTC) have been repaid to creditors, resulting in significant potential selling pressure on the market, though this hasn’t happened as many have feared.

Ahead of the Oct. 31 repayment deadline later this month, the exchange holds around 34,689 BTC.

Source

admin 15925 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.