Bitcoin’s been getting ugly. Very ugly.
The first rumblings came last summer, when Mt Gox, the biggest bitcoin exchange at the time, began dragging its feet meeting redemptions. By November, some people were waiting weeks to get their withdrawal requests honored. Many waited three months or more for their money… while bitcoin prices soared. If Mt Gox were a bank or securities broker dealer, it would have long ago earned the scrutiny of multiple regulatory agencies. But Mt Gox is none of those things.
Mt Gox, the online repository of billions of dollars worth of the beleaguered, nationless, digital currency, is actually the ancestor of an online site first launched in 2007, where nerds and geeks could trade Magic™ cards – a popular fantasy card game.
Jed McCaleb, the site’s founder, read an article about Bitcoin somewhere and wrote some code turning his playing card site into an unregulated online currency exchange. And eventually sold 88 percent of it to a French national named Mark Karpeles. The site grew under Karpeles, and eventually handled more than 70 percent of the world’s bitcoin float – amassing billions of dollars in theoretical assets, given bitcoin’s exchange rates – but still operating in a regulatory vacuum.
This much is by design. Bitcoin aficionados were generally careful about not attracting regulator attention. Among the key attractions of bitcoin were its independence from governments and central banks.
Mt Gox suffered a serious security breach in 2011, in which a hacker transferred a bunch of bitcoins to himself at a penny per bitcoin, and then began to sell them. A number of large accounts ate the loss, but the price returned to normal in a few minutes, so the damage could be limited.
There were a number of teething problems, as well, attributed to programming snafus or confusion with other online exchanges. But in reality, there was a cancer that was already eating away at Mt Gox and bitcoin from the inside. Thieves, hackers or insiders had penetrated the network somehow, and stole $400 million.
Meanwhile, even as Mt Gox was going through its death throes, Autumn Radtke, a Wisconsin native and the CEO of another bitcoin exchange, First Meta, turned up dead in her Singapore apartment. She was 28. Singapore officials have not yet announced an official cause of death, but early indications seem to point to suicide.
Flexcoin, another bitcoin exchange out of Canada, hung up its spurs this week, too, after announcing that hackers had pierced its servers and stole all of its ‘hot wallet’ bitcoin – $600,000 worth at the then-current exchange rate. (The company’s clients who held bitcoin in servers that were not connected to the Internet didn’t lose money. The hacker couldn’t get to those accounts.)
“Flexcoin has made every attempt to keep our servers as secure as possible, including regular testing. In our ~3 years of existence we have successfully repelled thousands of attacks. But in the end, this was simply not enough,” the company said in a statement posted online.
“Having this be the demise of our small company, after the endless hours of work we’ve put in, was never our intent. We’ve failed our customers, our business, and ultimately the Bitcoin community.”
While we don’t know yet what led to Ms. Radke’s suicide – assuming it was, indeed, a suicide, bitcoin has been under sophisticated attack for a long time. Flexcoin managers announced that they had actually repelled thousands of attacks over their time in operation before hackers found the flaw and wiped them out.
Bitcoin had a good chance of pulling through intact if the damage were limited to problems at Mt Gox. The stolen bitcoin were substantial, but amounted to 6 percent of the world’s float. Some players were happy to see Mt Gox go, as it happened.
Bitcoin bears have argued that the widely distributed computer mining and storage system that was bitcoin’s greatest strength and attraction may become its fatal flaw: The encryption and firewall technology at these small, innovative online exchanges is just not up to the task of fending off the world’s most sophisticated and determined cyber-criminals and state cyber-warfare agencies, who may have been teaming up to steal as much bitcoin as they could – and no doubt sell it before the word got out. Megan McArdle, writing for Bloomberg, wrote that the Mt Gox meltdown “spells doom for bitcoin.”
Reports of Bitcoin’s Death Have Been Greatly Exaggerated
While bitcoin did pull back from its early December peak, and has been declining all last February, the price has recovered somewhat in March, to levels it was at in mid-November – before the fatal problems at Mt Gox and Flexcoin were discovered. At press time, bitcoin was trading in the $667 range.
Will we have more exchanges go down to theft and fraud? No doubt other exchanges are being targeted by online criminals and perhaps state actors as we speak. And no doubt these exchanges themselves are scrambling to beef up their firewalls and encryption security and tighten up their code. They can all expect the very toughest adversaries in the hacker business, and they won’t let up any time soon.
Bitcoin seems more secure if you keep your digital coin offline – that is, not connected to the Internet. Keep it in an offline hard drive that’s not even hooked up to your computer – and then don’t lose that hard drive!
Meanwhile, bitcoin is very good at one thing: Transferring large sums of money around the world, cheap, with near perfect anonymity. That is bitcoin’s unique value proposition – and it seems that that value proposition is sufficiently valuable for a critical mass of people to endure the significant price volatility and the risk of hacker theft.
Read More from NerdWallet
- TurboTax vs H&R Block: How to Save This Tax Season
Bitcoin image courtesy of Shutterstock