• bitcoinBitcoin (BTC) $ 102,242.00
  • ethereumEthereum (ETH) $ 3,355.38
  • tetherTether (USDT) $ 0.999568
  • bnbBNB (BNB) $ 972.21
  • xrpXRP (XRP) $ 2.23
  • usd-coinUSDC (USDC) $ 0.999802
  • staked-etherLido Staked Ether (STETH) $ 3,352.08
  • tronTRON (TRX) $ 0.285448
  • dogecoinDogecoin (DOGE) $ 0.164777
  • cardanoCardano (ADA) $ 0.539546
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • wrapped-stethWrapped stETH (WSTETH) $ 4,084.70
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 102,103.00
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,629.00
  • whitebitWhiteBIT Coin (WBT) $ 52.00
  • hyperliquidHyperliquid (HYPE) $ 39.09
  • chainlinkChainlink (LINK) $ 14.99
  • bitcoin-cashBitcoin Cash (BCH) $ 482.80
  • usdsUSDS (USDS) $ 0.999739
  • zcashZcash (ZEC) $ 561.07
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998654
  • ethena-usdeEthena USDe (USDE) $ 0.999138
  • wrapped-eethWrapped eETH (WEETH) $ 3,618.39
  • stellarStellar (XLM) $ 0.274113
  • leo-tokenLEO Token (LEO) $ 9.26
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 102,254.00
  • suiSui (SUI) $ 2.01
  • hedera-hashgraphHedera (HBAR) $ 0.167243
  • wethWETH (WETH) $ 3,354.96
  • avalanche-2Avalanche (AVAX) $ 16.46
  • litecoinLitecoin (LTC) $ 88.94
  • moneroMonero (XMR) $ 362.03
  • shiba-inuShiba Inu (SHIB) $ 0.000009
  • the-open-networkToncoin (TON) $ 1.98
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.20
  • daiDai (DAI) $ 0.999664
  • polkadotPolkadot (DOT) $ 2.79
  • crypto-com-chainCronos (CRO) $ 0.125295
  • memecoreMemeCore (M) $ 2.44
  • mantleMantle (MNT) $ 1.24
  • bittensorBittensor (TAO) $ 395.49
  • susdssUSDS (SUSDS) $ 1.08
  • internet-computerInternet Computer (ICP) $ 6.81
  • usdt0USDT0 (USDT0) $ 0.999551
  • uniswapUniswap (UNI) $ 5.35
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.117747
  • aaveAave (AAVE) $ 200.66
  • usd1-wlfiUSD1 (USD1) $ 0.999222
  • bitget-tokenBitget Token (BGB) $ 4.06
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • paypal-usdPayPal USD (PYUSD) $ 1.00
  • nearNEAR Protocol (NEAR) $ 2.13
  • c1usdCurrency One USD (C1USD) $ 1.01
  • okbOKB (OKB) $ 122.51
  • pepePepe (PEPE) $ 0.000006
  • ethereum-classicEthereum Classic (ETC) $ 15.43
  • ethenaEthena (ENA) $ 0.315864
  • jito-staked-solJito Staked SOL (JITOSOL) $ 196.62
  • aptosAptos (APT) $ 3.02
  • falcon-financeFalcon USD (USDF) $ 0.997178
  • tether-goldTether Gold (XAUT) $ 3,979.92
  • aster-2Aster (ASTER) $ 1.03
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 5.02
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,353.67
  • solanaSolana (SOL) $ 158.35
  • ondo-financeOndo (ONDO) $ 0.611394
  • usdtbUSDtb (USDTB) $ 1.00
  • pi-networkPi Network (PI) $ 0.220831
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.167822
  • htx-daoHTX DAO (HTX) $ 0.000002
  • worldcoin-wldWorldcoin (WLD) $ 0.723310
  • kucoin-sharesKuCoin (KCS) $ 12.35
  • official-trumpOfficial Trump (TRUMP) $ 7.61
  • arbitrumArbitrum (ARB) $ 0.272168
  • filecoinFilecoin (FIL) $ 2.09
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,853.87
  • dashDash (DASH) $ 118.78
  • algorandAlgorand (ALGO) $ 0.162526
  • binance-staked-solBinance Staked SOL (BNSOL) $ 171.26
  • kaspaKaspa (KAS) $ 0.052217
  • gatechain-tokenGate (GT) $ 11.79
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 39.02
  • pump-funPump.fun (PUMP) $ 0.003809
  • pax-goldPAX Gold (PAXG) $ 3,985.95
  • bfusdBFUSD (BFUSD) $ 0.999452
  • vechainVeChain (VET) $ 0.015352
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.10
  • cosmosCosmos Hub (ATOM) $ 2.72
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999869
  • wbnbWrapped BNB (WBNB) $ 972.20
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,529.93
  • hash-2Provenance Blockchain (HASH) $ 0.024797
  • ignition-fbtcFunction FBTC (FBTC) $ 102,542.00
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,545.21
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 101,979.00
  • quant-networkQuant (QNT) $ 83.12
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.14
  • flare-networksFlare (FLR) $ 0.014846
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,591.25
  • skySky (SKY) $ 0.050352
  • story-2Story (IP) $ 3.46
  • jupiter-exchange-solanaJupiter (JUP) $ 0.346584
  • nexoNEXO (NEXO) $ 1.08
  • global-dollarGlobal Dollar (USDG) $ 0.999928
  • render-tokenRender (RENDER) $ 2.02
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,564.93
  • ripple-usdRipple USD (RLUSD) $ 0.999666
  • sei-networkSei (SEI) $ 0.164490
  • bonkBonk (BONK) $ 0.000012
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.997409
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 101,900.00
  • aiaDeAgentAI (AIA) $ 9.65
  • xdce-crowd-saleXDC Network (XDC) $ 0.053317
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.014730
  • morphoMorpho (MORPHO) $ 1.73
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,617.17
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.88
  • immutable-xImmutable (IMX) $ 0.423399
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 102,217.00
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 1.21
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.31
  • aerodrome-financeAerodrome Finance (AERO) $ 0.878693
  • fasttokenFasttoken (FTN) $ 1.82
  • ousgOUSG (OUSG) $ 113.20
  • clbtcclBTC (CLBTC) $ 100,762.00
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 181.95
  • optimismOptimism (OP) $ 0.377546
  • celestiaCelestia (TIA) $ 0.824637
  • lido-daoLido DAO (LDO) $ 0.763198
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.09
  • blockstackStacks (STX) $ 0.371833
  • tezosTezos (XTZ) $ 0.621678
  • injective-protocolInjective (INJ) $ 6.56
  • beldexBeldex (BDX) $ 0.084937
  • decredDecred (DCR) $ 37.12
  • cgeth-hashkey-cloudcgETH Hashkey Cloud (CGETH.HASH) $ 3,163.96
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.243228
  • tbtctBTC (TBTC) $ 102,348.00
  • curve-dao-tokenCurve DAO (CRV) $ 0.432630
  • spx6900SPX6900 (SPX) $ 0.657209
  • the-graphThe Graph (GRT) $ 0.057876
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,355.68
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,562.55
  • msolMarinade Staked SOL (MSOL) $ 211.35
  • usdaiUSDai (USDAI) $ 1.00
  • flokiFLOKI (FLOKI) $ 0.000060
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999765
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999755
  • doublezeroDoubleZero (2Z) $ 0.164389
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,355.98
  • usual-usdUsual USD (USD0) $ 0.998258
  • pyth-networkPyth Network (PYTH) $ 0.094452
  • kaiaKaia (KAIA) $ 0.091946
  • iotaIOTA (IOTA) $ 0.130543
  • cognifyCognify (SN115) $ 1,762.47
  • gtethGTETH (GTETH) $ 3,354.84
  • mantle-bridged-usdt-mantleMantle Bridged USDT (Mantle) (USDT) $ 1.01
  • trust-wallet-tokenTrust Wallet (TWT) $ 1.22
  • ether-fiEther.fi (ETHFI) $ 0.895882
  • starknetStarknet (STRK) $ 0.109493
  • zksyncZKsync (ZK) $ 0.068354
  • true-usdTrueUSD (TUSD) $ 0.997920
  • ethereum-name-serviceEthereum Name Service (ENS) $ 13.09
  • plasmaPlasma (XPL) $ 0.258817
  • sonic-3Sonic (S) $ 0.128757
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 102,128.00
  • syrupMaple Finance (SYRUP) $ 0.420146
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • usdx-money-usdxStables Labs USDX (USDX) $ 0.514085
  • conflux-tokenConflux (CFX) $ 0.090846
  • bitcoin-svBitcoin SV (BSV) $ 23.16
  • newton-projectAB (AB) $ 0.005325
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,690.04
  • heliumHelium (HNT) $ 2.42
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,345.44
  • the-sandboxThe Sandbox (SAND) $ 0.184581
  • sbtc-2sBTC (SBTC) $ 102,130.00
  • swethSwell Ethereum (SWETH) $ 3,666.63
  • pendlePendle (PENDLE) $ 2.64
  • jasmycoinJasmyCoin (JASMY) $ 0.009079
  • dogwifcoindogwifhat (WIF) $ 0.439130
  • theta-tokenTheta Network (THETA) $ 0.435038
  • vaultaVaulta (A) $ 0.281236
  • myx-financeMYX Finance (MYX) $ 2.27
  • bittorrentBitTorrent (BTT) $ 0.00000044
  • ark-3ARK (ARK) $ 39.98
  • ghoGHO (GHO) $ 0.999246
  • usddUSDD (USDD) $ 0.999346
  • sun-tokenSun Token (SUN) $ 0.022084
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.164832
  • galaGALA (GALA) $ 0.009123
  • benqi-liquid-staked-avaxBENQI Liquid Staked AVAX (SAVAX) $ 20.30
  • decentralandDecentraland (MANA) $ 0.216117
  • usdbUSDB (USDB) $ 0.997945
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.20
  • concordiumConcordium (CCD) $ 0.034134
  • soon-2SOON (SOON) $ 1.41
  • flowFlow (FLOW) $ 0.245312
  • apenftAINFT (NFT) $ 0.00000040
Bitcoin

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

By admin
0 19

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Former Mt. Gox CEO Mark Karpelès probably wishes he had access to today’s artificial intelligence when he bought Mt. Gox from its founder, Jed McCaleb, in 2011.

That’s because Karpelès has just fed an early version of Mt. Gox’s codebase into Anthropic’s Claude AI. What he got back was an analysis that broke down the key vulnerabilities that led to the defunct exchange’s first major hack, while labelling it “critically insecure.”

In a Sunday X post, Karpelès said he uploaded Mt. Gox’s 2011 codebase to Claude, alongside various data, including GitHub history, access logs and data “dumps released by” the hacker.

Mt. Gox’s security flaws costed millions. Could AI have spotted them?

Source: Mark Karpelès

The analysis from Claude AI said Mt. Gox’s 2011 codebase represented a “feature-rich but critically insecure Bitcoin exchange.”

“The developer (Jed McCaleb) demonstrated strong software engineering capabilities in terms of architecture and feature implementation, creating a sophisticated trading platform in just 3 months,” the analysis reads, adding, however, that:

“The codebase contained multiple critical security vulnerabilities that were targeted in the June 2011 hack. Security improvements made between ownership transfer and the attack partially mitigated the impact.”

Karpelès took over the reins of the Japan-based Mt. Gox in March 2011 after buying the exchange from founder and developer Jed McCaleb. The exchange then suffered a hack around three months later that saw 2,000 Bitcoin (BTC) drained from the platform.

“I didn’t get to look at the code before taking over; it was dumped on me as soon as the contract was signed (I know better now, due diligence goes a long way),” added in a comment on his X post.

Claude AI’s post-mortem of Mt. Gox

According to Claude AI, the key vulnerabilities consisted of a mixture of code flaws, a lack of internal documentation, weak admin and user passwords and retained account access of prior admins after new ownership handover.

The hack was sparked by a major data breach after Karpelès’ WordPress blog account and some of his social media accounts were compromised.

“Contributing factors included: the insecure original platform, undocumented WordPress installation, retained admin access for ‘audits’ after ownership transfer, and a weak password for a critical admin account,” the analysis reads.

The analysis also outlined that some changes pre- and post-hack “mitigated some attack vectors,” preventing the attack from being a lot worse than it could have been.

Such changes included an update to a salted hashing algorithm to provide greater password protection, fixing an SQL injection hacking code in the main application, and implementing “proper locking around withdrawals.”

“The salted hashing prevented mass compromise and forced individual brute forcing, but no hashing algorithm can protect weak passwords. The withdrawal locking prevented the more severe outcome of tens of thousands of BTC being drained via the $0.01 withdrawal limit exploit,” the analysis reads, adding:

“This codebase was targeted in a sophisticated attack in June 2011. Security improvements had been made in the 3 months since ownership transfer, which affected the attack outcome. This incident demonstrates both the severity of the original codebase’s vulnerabilities and the partial effectiveness of remediation efforts.”

While the analysis suggests AI could have helped shore up specific coding flaws, the core of the breach was the result of poor internal processes, weak passwords, and a critical lack of network segmentation that let a blog breach threaten the entire exchange.

Unfortunately, AI cannot prevent human error.

Mt. Gox still impacts the market a decade later

Despite being defunct for over a decade, Mt. Gox has continued to have an impact on the market over the past couple of years, as large sums of Bitcoin (BTC) have been repaid to creditors, resulting in significant potential selling pressure on the market, though this hasn’t happened as many have feared.

Ahead of the Oct. 31 repayment deadline later this month, the exchange holds around 34,689 BTC.

Source

admin 14773 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.