However, when trading happens in real time, Mt.Gox relies on a simple database tracking each user's Bitcoin and cash balances to carry out transactions, according to Barr. Mt.Gox has given competing exchanges the numbers required to identify the stolen Bitcoins in the hopes the thief will not be able to turn his ill-gotten gains into hard currency. Mt.Gox's user database recently leaked online and the company suspects the anonymous hacker was able to gain access to the administrator account using the leaked information. It's unclear how the database was stolen, but Mt.Gox believes the hackers exploited an SQL injection vulnerability in its network that the company discovered in late June. Originally, Mt.Gox suspected its database leaked online after "someone who performs audits on [Mt.Gox's] system" had their computer compromised.
Despite using encryption, Mt.Gox is warning its users to change their passwords immediately if they didn't do so after the price crash on June 19. "Our users and the public should know that these hashed [encrypted] passwords can be cracked, and many of our users' more simple passwords have been cracked," Mark Karpeles, CEO of Mt.Gox parent company Tibanne, LLC, says in a statement. Mt.Gox users should also change their login credentials for any other online accounts that use the same password. Mt.Gox said it now uses SHA-512 encryption for user passwords to prevent a similar data breach in the future. Since the data breach, Mt.Gox has been busy rebuilding its system to handle the massive amount of business the company says it was unprepared for. Faked Bitcoins,financial sites,Price Crash,shopping,Technology
0 comments