Mt. Gox: What We Still Dont Know 10 Years After the Collapse

When Japanese bitcoin exchange Mt. Gox collapsed in February 2014, there were well-founded fears that it could kill the nascent cryptocurrency before it was more than five years out of the cradle. It is easy now to scoff at such suggestions, but many people thought along these lines given that Bitcoin had not yet faced such a catastrophe.

当日本比特币交易所 mt. gox 于 2014 年 2 月倒闭时，人们有充分理由担心它可能会在这种新生的加密货币诞生五年多之前就将其扼杀。现在人们很容易嘲笑这样的建议，但考虑到比特币尚未面临这样的灾难，许多人也有这样的想法。

Mark Hunter has been an author and ghostwriter for 20 years and a leading cryptocurrency writer since 2017. He is the author of “Ultimate Catastrophe: How Mt. Gox Lost Half a Billion Dollars and Nearly Killed Bitcoin”co-creator and co-host of the podcast series “Dr Bitcoin: The Man Who Wasn't Satoshi Nakamoto.”

马克·亨特 (mark hunter) 担任作家和代笔作家已有 20 年，自 2017 年以来一直是领先的加密货币作家。他是《终极灾难：mt. gox 如何损失 50 亿美元并差点杀死比特币》一书的作者，也是播客系列“比特币博士：不是中本聪的人”。

Over 880,000 BTC were lost by or stolen from Mt. Gox in various guises between March 2011 and January 2014, a haul worth a staggering $45 billion today, and yet with the 10th anniversary of its collapse upon us, there are still several important questions that remain unanswered.

2011 年 3 月至 2014 年 1 月期间，超过 880,000 枚 btc 以各种形式被 mt. gox 丢失或盗取，如今这笔损失价值高达 450 亿美元，然而，在 mt. gox 倒闭 10 周年之际，仍有几个重要问题需要解决：仍然没有得到答复。

Who did it？

谁干的？

One of the key questions that remains unknown is whether we know all of the culprits. Over 809,000 BTC were stolen across six hacks during Mt. Gox‘s lifetime, and we only know of two names linked to one hack: Alexey Bilyuchenko and Aleksandr Verner, who are accused of being part of the Russian hacking group that compromised the exchange in October 2011. Over the course of 26 months, the pair helped steal and launder 647,000 bitcoins from the exchange’s cold wallets.

仍然未知的关键问题之一是我们是否认识所有的罪魁祸首。在 mt. gox 的一生中，超过 809,000 btc 在六次黑客攻击中被盗，而我们只知道与一次黑客攻击有关的两个名字：alexey bilyuchenko 和 aleksandr verner，他们被指控是 2011 年 10 月入侵该交易所的俄罗斯黑客组织的成员。在 26 个月的时间里，两人帮助从交易所的冷钱包中窃取并洗钱了 647,000 枚比特币。

Verner and Bilyuchenko have only been charged by U.S. authorities with the laundering of the coins rather than the hack itself, however, which could suggest a lack of evidence against them on that charge.

然而，美国当局仅指控维尔纳和比柳琴科洗钱，而不是黑客行为本身，这可能表明缺乏针对他们的指控的证据。

See also: Where the Mt. Gox Money Went

另请参阅： mt. gox 的资金去了哪里

Apart from these allegations, sealed in 2017 and made public in June last year, we have no idea who stole the remaining 162,000 BTC. 79,956 BTC remain tied to a well-known address beginning ‘1Feex’, while 77,500 stolen in September 2011 have never been traced. This hack was so successful it was not detected until 2015.

除了这些于 2017 年封存并于去年 6 月公开的指控外，我们不知道是谁偷走了剩下的 162,000 btc。 79,956 个 btc 仍与一个以“1feex”开头的知名地址绑定，而 2011 年 9 月被盗的 77,500 个比特币从未被追踪到。这次黑客攻击非常成功，直到 2015 年才被发现。

Then theres the individual who stole 2,000 BTC in June 2011, which sent the value of bitcoin crashing from $17.50 to $0.01, and the hacker who swiped more than half the coins held by the exchange at the time, when Mt. Gox CEO Mark Karpelès left the wallet on a drive with unencrypted network. Fortunately for Karpelès the hacker got cold feet and negotiated a 1% bounty, leading to a loss of just 3,000 BTC for the exchange, rather than 300,000 BTC.

然后是在 2011 年 6 月窃取了 2,000 btc 的个人，导致比特币的价值从 17.50 美元暴跌至 0.01 美元，以及在 mt. gox 首席执行官 mark karpelès 离开后盗取了交易所当时持有的一半以上比特币的黑客。钱包位于具有未加密网络的驱动器上。幸运的是，对于 karpelès 来说，黑客临阵退缩并协商了 1% 的赏金，导致交易所仅损失了 3,000 btc，而不是 300,000 btc。

In all these cases we have no idea who did the deed, and its almost certain now that we never will. Many suspect the 1Feex hack was a dry run for the debilitating October 2011-January 2014 exploit, given that the modus operandi was the same, but this has never been confirmed.

在所有这些情况下，我们都不知道是谁干的，而且现在几乎可以肯定我们永远不会知道。鉴于作案手法相同，许多人怀疑 1feex 黑客攻击是针对 2011 年 10 月至 2014 年 1 月的破坏性漏洞的一次演练，但这一点从未得到证实。

How did it happen？

它是怎么发生的？

Of the 881,865 BTC which left Mt. Gox unintentionally, we can only say for sure how 72,409 BTC were lost. 30,000 BTC were logged as deposits to customers by Mt. Goxs system when they were in fact being stolen by hackers. An error by Mark Karpelès in October 2011 led to 2,609 being sent to a non-existent address. Two bots operating on Mt. Gox, Markus and Willy, lost 22,800 BTC. And Karpelès bought Polish exchange Bitomat for 17,000 BTC in July 2011.

在无意中离开 mt. gox 的 881,865 btc 中，我们只能确定其中 72,409 btc 是如何丢失的。 mt. goxs 系统将 30,000 btc 记录为客户的存款，但实际上这些资金已被黑客窃取。 2011 年 10 月，mark karpelès 犯了一个错误，导致 2,609 封邮件被发送到一个不存在的地址。在 mt. gox 上运行的两个机器人 markus 和 willy 损失了 22,800 btc。 karpelès 于 2011 年 7 月以 17,000 btc 收购了波兰交易所 bitomat。

When it comes to the remainder, the method of entry is generally either unknown or merely suspected. In the case of the June 2011 hack, we know that the hacker was able to get access to the Mt. Gox server through an administrator-level account. This was initially attributed to auditor Auden McKernan but it was later revealed that it was the account of Jed McCaleb, the founder who had sold Mt. Gox to Mark Karpelès, which inexplicably still had administrator privileges. It is thought that the hacker obtained the details when the entire Mt. Gox user database was stolen along with the 79,956 BTC in the 1Feex hack.

至于其余部分，进入方式通常要么未知，要么只是怀疑。在 2011 年 6 月的黑客事件中，我们知道黑客能够通过管理员级别的帐户访问 mt.gox 服务器。这最初归因于审计员 auden mckernan，但后来透露，这是创始人 jed mccaleb 的账户，他将 mt. gox 卖给了 mark karpelès，而 mark karpelès 莫名其妙地仍然拥有管理员权限。人们认为，在 1feex 黑客攻击中，整个 mt.gox 用户数据库以及 79,956 btc 被盗时，黑客获得了详细信息。

See also: Why Bitcoin's Greatest Hack Still Matters: The Legacy of Mt. Gox

另请参阅：为什么比特币最伟大的黑客仍然很重要：mt. gox 的遗产

Given that U.S. authorities were confident in naming Verner and Bilyuchenko as being part of a group that hacked into Mt. Gox in October 2011 they must have some evidence to back up their assertions, but unless it ever comes to a trial (which is almost certainly wont now that their names are public) these details will likely never be divulged.

鉴于美国当局有信心将 verner 和 bilyuchenko 认定为 2011 年 10 月黑客攻击 mt. gox 的组织的成员，他们必须有一些证据来支持他们的主张，但除非进行审判（几乎可以肯定）现在他们的名字已经公开了）这些细节可能永远不会被泄露。

How safe were the Mt. Gox bitcoins？

mt. gox 比特币有多安全？

Related to the question of how the hackers gained access to the Mt. Gox servers is the question of how they were then able to access the funds supposedly securely stored in cold wallets. We know that until the June 2011 hack, Karpelès kept users bitcoins in a haphazard manner across various physical and software wallets, which exacerbated the impact of the hacks and prolonged the cleanup.

与黑客如何访问 mt. gox 服务器的问题相关的是，他们如何能够访问据称安全存储在冷钱包中的资金。我们知道，在 2011 年 6 月的黑客攻击之前，karpelès 以随意的方式将用户的比特币存放在各种物理和软件钱包中，这加剧了黑客攻击的影响并延长了清理时间。

Karpelès claims that this incident led him to incorporate a much more secure system: he split the coins across numerous paper wallets (he later said hundreds of pieces of paper were involved) and stashed them in bank vaults and safety deposit boxes around Tokyo. Therefore, if the hot wallet was stolen again, as it was for the 1Feex hack, the cold wallets should not be affected.

卡佩莱斯声称，这一事件促使他采用了一个更安全的系统：他将硬币分成多个纸钱包（他后来说涉及数百张纸），并将它们存放在东京各地的银行金库和保险箱中。因此，如果热钱包再次被盗，就像1feex黑客攻击一样，冷钱包应该不会受到影响。

This seems safe enough in itself, but when it was revealed that the exchanges cold wallets had indeed been ransacked between October 2011 and January 2014, many started to ask questions, including then Bitcoin blogger and future General Partner at crypto investment firm Andreessen Horowitz, Arianna Simpson:

这本身似乎足够安全，但当人们发现交易所的冷钱包确实在 2011 年 10 月至 2014 年 1 月期间遭到洗劫时，许多人开始提出疑问，包括当时的比特币博主和加密投资公司 andreessen horowitz 未来的普通合伙人阿里安娜 (arianna)辛普森：

“If you‘re doing it right, the cold storage should not be accessible via the hot wallet, leak or no leak. That’s the whole point of separating the two.”

“如果你做得正确，冷存储不应该通过热钱包访问，无论是否泄漏。这就是将两者分开的重点。”

So how were the cold wallets compromised？ Karpelès has never confirmed his bespoke cold wallet-hot wallet setup, potentially to avoid lawsuits based on the mishandling of funds, but he has given hints in interviews that paint an inconsistent and at times illogical scenario.

那么冷钱包是如何受到损害的呢？卡佩莱斯从未证实过他定制的冷钱包-热钱包设置，这可能是为了避免因资金处理不当而引发的诉讼，但他在采访中给出了暗示，描绘了一种不一致且有时不合逻辑的场景。

The only way to safely top up a hot wallet with funds from a paper wallet is to go and get the paper wallet and execute a multi-step manual transaction on an ultra-secure network. This must be done every single time, which is of course entirely impractical for any Bitcoin exchange no matter what its size or trading volume. No Mt. Gox staff member has reported seeing Mark Karpelès handling paper wallets, and indeed some prominent members of staff told me for “Ultimate Catastrophe: How Mt. Gox Lost Half a Billion Dollars and Nearly Killed Bitcoin” that they had only ever heard hot wallets mentioned, never cold wallets.

使用纸钱包中的资金安全地充值热钱包的唯一方法是获取纸钱包并在超安全的网络上执行多步骤手动交易。这必须每次都完成，这对于任何比特币交易所来说当然是完全不切实际的，无论其规模或交易量如何。 mt. gox 的工作人员没有报告称看到 mark karpelès 处理纸钱包，事实上，一些知名的工作人员在《终极灾难：mt. gox 如何损失 50 亿美元并几乎杀死比特币》中告诉我，他们只听说过热门话题提到钱包，绝不是冷钱包。

Was there, therefore, a system that automatically topped up the hot wallet from the cold wallets when it ran dry and vice versa？ This seems to be the only feasible way in which the exchange could have operated, although it totally undermines the principles of a cold wallet system.

那么，是否有一个系统可以在冷钱包用完时自动从冷钱包充值，反之亦然？这似乎是交易所唯一可行的运作方式，尽管它完全破坏了交易所的原则。冷钱包系统。

Did Mark Karpelès know the exchange was broke？

马克·卡佩莱斯 (mark karpelès) 知道交易所破产了吗？

This is the big question that still divides opinion. Naturally, Karpelès insists that he didnt know the exchange had been bled dry until he checked the cold wallets in mid-February 2014, but there are flaws with this claim. Mt. Gox had started experiencing bitcoin withdrawal issues as far back as August 2013, which should have raised red flags. And yet Karpelès seems not to have considered Mt. Gox was underfunded, despite the exchange having been the victim of multiple hacks in its lifetime.

这是一个仍然存在分歧的大问题。当然，卡佩莱斯坚称，直到 2014 年 2 月中旬检查冷钱包时，他才知道交易所已经被榨干，但这种说法存在缺陷。 mt. gox 早在 2013 年 8 月就开始遇到比特币提现问题，这应该引起警惕。然而，karpelès 似乎并不认为 mt. gox 资金不足，尽管该交易所在其一生中曾多次遭受黑客攻击。

Karpelès was quick to blame the “transaction malleability” bug when it emerged in early 2014 as the reason for withdrawal issues, but this was known to require a tremendous amount of social engineering to pull off even a small theft. He also said he didn‘t suspect any losses because there was a monitoring system in place. If such a system existed then it wasn’t designed properly, which is indicative of the kind of mismanagement that plagued the exchange.

当 2014 年初“交易可延展性”漏洞出现时，卡佩莱斯很快将提款问题归咎于该漏洞，但众所周知，即使是很小的盗窃，也需要大量的社会工程才能实现。他还表示，他不怀疑有任何损失，因为有监控系统。如果存在这样的系统，那么它的设计就不合理，这表明该交易所存在管理不善的问题。

Needless to say, there are plenty who refuse to believe that Karpelès only discovered the loss in February 2014. Others go further in saying Karpelès not only knew about the missing bitcoins, but used Willy and Markus to make up the loss. If this was Karpelès intention it backfired spectacularly: the pair lost 22,800 BTC and $51.6 million between them before the exchange collapsed.

不用说，很多人不相信卡佩莱斯在 2014 年 2 月才发现了损失。其他人则进一步表示，卡佩莱斯不仅知道丢失的比特币，还利用威利和马库斯弥补了损失。如果这是 karpelès 的意图，那么结果会适得其反：在交易所崩溃之前，两人损失了 22,800 btc 和 5,160 万美元。

The simple answer is that we can only speculate as to how the bitcoins on Mt. Gox were secured, and unless Mark Karpelès deigns to tell us it will remain that way.

简单的答案是，我们只能推测 mt. gox 上的比特币是如何受到保护的，除非 mark karpelès 屈尊告诉我们，否则情况将一直如此。