• bitcoinBitcoin (BTC) $ 69,473.00
  • ethereumEthereum (ETH) $ 2,029.41
  • tetherTether (USDT) $ 0.999919
  • bnbBNB (BNB) $ 644.58
  • xrpXRP (XRP) $ 1.37
  • usd-coinUSDC (USDC) $ 0.999910
  • solanaSolana (SOL) $ 85.28
  • tronTRON (TRX) $ 0.290073
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • dogecoinDogecoin (DOGE) $ 0.092103
  • whitebitWhiteBIT Coin (WBT) $ 54.86
  • usdsUSDS (USDS) $ 0.999870
  • cardanoCardano (ADA) $ 0.259304
  • bitcoin-cashBitcoin Cash (BCH) $ 453.36
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • hyperliquidHyperliquid (HYPE) $ 36.93
  • leo-tokenLEO Token (LEO) $ 9.07
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • moneroMonero (XMR) $ 353.56
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • chainlinkChainlink (LINK) $ 8.91
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • ethena-usdeEthena USDe (USDE) $ 0.999396
  • canton-networkCanton (CC) $ 0.150218
  • stellarStellar (XLM) $ 0.157198
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • usd1-wlfiUSD1 (USD1) $ 0.999372
  • daiDai (DAI) $ 0.999845
  • susdssUSDS (SUSDS) $ 1.08
  • rainRain (RAIN) $ 0.008829
  • litecoinLitecoin (LTC) $ 54.08
  • avalanche-2Avalanche (AVAX) $ 9.53
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • paypal-usdPayPal USD (PYUSD) $ 0.999876
  • hedera-hashgraphHedera (HBAR) $ 0.093645
  • suiSui (SUI) $ 0.968720
  • wethWETH (WETH) $ 2,268.37
  • zcashZcash (ZEC) $ 205.42
  • shiba-inuShiba Inu (SHIB) $ 0.000006
  • the-open-networkToncoin (TON) $ 1.34
  • usdt0USDT0 (USDT0) $ 0.998824
  • crypto-com-chainCronos (CRO) $ 0.075578
  • tether-goldTether Gold (XAUT) $ 5,131.17
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.099752
  • pax-goldPAX Gold (PAXG) $ 5,165.03
  • memecoreMemeCore (M) $ 1.46
  • polkadotPolkadot (DOT) $ 1.50
  • uniswapUniswap (UNI) $ 3.87
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • mantleMantle (MNT) $ 0.698221
  • pi-networkPi Network (PI) $ 0.228917
  • hashnote-usycCircle USYC (USYC) $ 1.12
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • okbOKB (OKB) $ 94.40
  • bittensorBittensor (TAO) $ 205.48
  • skySky (SKY) $ 0.079805
  • global-dollarGlobal Dollar (USDG) $ 0.999885
  • falcon-financeFalcon USD (USDF) $ 0.997144
  • aster-2Aster (ASTER) $ 0.702363
  • nearNEAR Protocol (NEAR) $ 1.30
  • aaveAave (AAVE) $ 108.35
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • ripple-usdRipple USD (RLUSD) $ 0.999852
  • bitget-tokenBitget Token (BGB) $ 2.17
  • htx-daoHTX DAO (HTX) $ 0.000002
  • internet-computerInternet Computer (ICP) $ 2.55
  • pepePepe (PEPE) $ 0.000003
  • bfusdBFUSD (BFUSD) $ 0.999298
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • ethereum-classicEthereum Classic (ETC) $ 8.20
  • ondo-financeOndo (ONDO) $ 0.252520
  • pump-funPump.fun (PUMP) $ 0.002001
  • gatechain-tokenGate (GT) $ 7.02
  • morphoMorpho (MORPHO) $ 1.94
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 11.02
  • kucoin-sharesKuCoin (KCS) $ 7.95
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.097542
  • worldcoin-wldWorldcoin (WLD) $ 0.351425
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.21
  • cosmosCosmos Hub (ATOM) $ 1.82
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • nexoNEXO (NEXO) $ 0.891394
  • ethenaEthena (ENA) $ 0.103689
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • usdtbUSDtb (USDTB) $ 0.998986
  • kaspaKaspa (KAS) $ 0.030359
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • render-tokenRender (RENDER) $ 1.52
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • midnight-3Midnight (NIGHT) $ 0.047492
  • hash-2Provenance Blockchain (HASH) $ 0.013988
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • algorandAlgorand (ALGO) $ 0.085594
  • usddUSDD (USDD) $ 1.00
  • wbnbWrapped BNB (WBNB) $ 759.61
  • flare-networksFlare (FLR) $ 0.008877
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • ousgOUSG (OUSG) $ 114.56
  • aptosAptos (APT) $ 0.926443
  • official-trumpOfficial Trump (TRUMP) $ 2.85
  • filecoinFilecoin (FIL) $ 0.864908
  • xdce-crowd-saleXDC Network (XDC) $ 0.033016
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.10
  • beldexBeldex (BDX) $ 0.080655
  • stable-2​​Stable (STABLE) $ 0.029304
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • vechainVeChain (VET) $ 0.007020
  • yldsYLDS (YLDS) $ 0.999994
  • arbitrumArbitrum (ARB) $ 0.098758
  • ghoGHO (GHO) $ 0.999968
  • jupiter-exchange-solanaJupiter (JUP) $ 0.162567
  • usual-usdUsual USD (USD0) $ 0.997482
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • bonkBonk (BONK) $ 0.000006
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • true-usdTrueUSD (TUSD) $ 0.999324
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • a7a5A7A5 (A7A5) $ 0.012286
  • fasttokenFasttoken (FTN) $ 1.09
  • decredDecred (DCR) $ 27.04
  • clbtcclBTC (CLBTC) $ 76,920.00
  • justJUST (JST) $ 0.052728
  • blockstackStacks (STX) $ 0.252062
  • kite-2Kite (KITE) $ 0.254949
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.37
  • euro-coinEURC (EURC) $ 1.15
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.690878
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.006973
  • sei-networkSei (SEI) $ 0.062598
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • tbtctBTC (TBTC) $ 70,942.00
  • ether-fiEther.fi (ETHFI) $ 0.565708
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.03
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • siren-2Siren (SIREN) $ 0.565812
  • dashDash (DASH) $ 32.13
  • layerzeroLayerZero (ZRO) $ 2.00
  • kinesis-goldKinesis Gold (KAU) $ 163.89
  • chilizChiliz (CHZ) $ 0.037989
  • tezosTezos (XTZ) $ 0.361863
  • c8ntinuumc8ntinuum (CTM) $ 0.087592
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.999529
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • usxUSX (USX) $ 0.999755
  • pippinpippin (PIPPIN) $ 0.358554
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.157450
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • curve-dao-tokenCurve DAO (CRV) $ 0.232763
  • cocaCOCA (COCA) $ 1.30
  • gnosisGnosis (GNO) $ 126.67
  • apenftAINFT (NFT) $ 0.00000034
  • riverRiver (RIVER) $ 16.77
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • adi-tokenADI (ADI) $ 3.36
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • bittorrentBitTorrent (BTT) $ 0.00000033
  • kaiaKaia (KAIA) $ 0.054616
  • hastra-primePRIME (PRIME) $ 1.02
  • usdaiUSDai (USDAI) $ 0.999839
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • sun-tokenSun Token (SUN) $ 0.016091
  • aerodrome-financeAerodrome Finance (AERO) $ 0.332695
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • injective-protocolInjective (INJ) $ 2.98
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • bitcoin-svBitcoin SV (BSV) $ 14.70
  • celestiaCelestia (TIA) $ 0.328262
  • jasmycoinJasmyCoin (JASMY) $ 0.005715
  • spx6900SPX6900 (SPX) $ 0.302647
  • flokiFLOKI (FLOKI) $ 0.000029
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • story-2Story (IP) $ 0.785627
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • fraxLegacy Frax Dollar (FRAX) $ 0.992222
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • the-graphThe Graph (GRT) $ 0.025413
  • iotaIOTA (IOTA) $ 0.062878
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • syrupMaple Finance (SYRUP) $ 0.233654
  • olympusOlympus (OHM) $ 17.16
  • conflux-tokenConflux (CFX) $ 0.051566
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • doublezeroDoubleZero (2Z) $ 0.077079
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • official-foOfficial FO (FO) $ 0.268149
  • lighterLighter (LIT) $ 1.07
  • crvusdcrvUSD (CRVUSD) $ 1.00
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • pyth-networkPyth Network (PYTH) $ 0.046147
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,265.06
  • btse-tokenBTSE Token (BTSE) $ 1.61
  • venice-tokenVenice Token (VVV) $ 5.67
  • optimismOptimism (OP) $ 0.118667
  • lombard-protocolLombard (BARD) $ 1.12
  • staked-aaveStaked Aave (STKAAVE) $ 126.65
Bitcoin

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

By admin
0 55

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Former Mt. Gox CEO Mark Karpelès probably wishes he had access to today’s artificial intelligence when he bought Mt. Gox from its founder, Jed McCaleb, in 2011.

That’s because Karpelès has just fed an early version of Mt. Gox’s codebase into Anthropic’s Claude AI. What he got back was an analysis that broke down the key vulnerabilities that led to the defunct exchange’s first major hack, while labelling it “critically insecure.”

In a Sunday X post, Karpelès said he uploaded Mt. Gox’s 2011 codebase to Claude, alongside various data, including GitHub history, access logs and data “dumps released by” the hacker.

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Source: Mark Karpelès

The analysis from Claude AI said Mt. Gox’s 2011 codebase represented a “feature-rich but critically insecure Bitcoin exchange.”

“The developer (Jed McCaleb) demonstrated strong software engineering capabilities in terms of architecture and feature implementation, creating a sophisticated trading platform in just 3 months,” the analysis reads, adding, however, that:

“The codebase contained multiple critical security vulnerabilities that were targeted in the June 2011 hack. Security improvements made between ownership transfer and the attack partially mitigated the impact.”

Karpelès took over the reins of the Japan-based Mt. Gox in March 2011 after buying the exchange from founder and developer Jed McCaleb. The exchange then suffered a hack around three months later that saw 2,000 Bitcoin (BTC) drained from the platform.

“I didn’t get to look at the code before taking over; it was dumped on me as soon as the contract was signed (I know better now, due diligence goes a long way),” added in a comment on his X post.

Claude AI’s post-mortem of Mt. Gox

According to Claude AI, the key vulnerabilities consisted of a mixture of code flaws, a lack of internal documentation, weak admin and user passwords and retained account access of prior admins after new ownership handover.

The hack was sparked by a major data breach after Karpelès’ WordPress blog account and some of his social media accounts were compromised.

“Contributing factors included: the insecure original platform, undocumented WordPress installation, retained admin access for ‘audits’ after ownership transfer, and a weak password for a critical admin account,” the analysis reads.

The analysis also outlined that some changes pre- and post-hack “mitigated some attack vectors,” preventing the attack from being a lot worse than it could have been.

Such changes included an update to a salted hashing algorithm to provide greater password protection, fixing an SQL injection hacking code in the main application, and implementing “proper locking around withdrawals.”

“The salted hashing prevented mass compromise and forced individual brute forcing, but no hashing algorithm can protect weak passwords. The withdrawal locking prevented the more severe outcome of tens of thousands of BTC being drained via the $0.01 withdrawal limit exploit,” the analysis reads, adding:

“This codebase was targeted in a sophisticated attack in June 2011. Security improvements had been made in the 3 months since ownership transfer, which affected the attack outcome. This incident demonstrates both the severity of the original codebase’s vulnerabilities and the partial effectiveness of remediation efforts.”

While the analysis suggests AI could have helped shore up specific coding flaws, the core of the breach was the result of poor internal processes, weak passwords, and a critical lack of network segmentation that let a blog breach threaten the entire exchange.

Unfortunately, AI cannot prevent human error.

Mt. Gox still impacts the market a decade later

Despite being defunct for over a decade, Mt. Gox has continued to have an impact on the market over the past couple of years, as large sums of Bitcoin (BTC) have been repaid to creditors, resulting in significant potential selling pressure on the market, though this hasn’t happened as many have feared.

Ahead of the Oct. 31 repayment deadline later this month, the exchange holds around 34,689 BTC.

Source

admin 18940 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.