Hackers took over the Reddit account and personal blog of Mark Karpeles, the chief executive of shuttered bitcoin exchange MtGox, on Sunday night.
The anonymous attackers used the accounts to post an angry letter accusing Karpeles of stealing bitcoins from his site’s former users, and posted a 750Mb zip file which they say comprises data stolen directly from MtGox’s servers.
“It’s time that MTGOX got the bitcoin communities wrath instead of Bitcoin Community getting Goxed,” the hackers wrote on Karpeles’ blog, “Magical Tux“ (and crossposted to Pastebin). “This release would have been sooner, but in spirit of responsible disclosure and making sure all of ducks were in a row, it took a few days longer than would have liked to verify the data.”
Several members of the bitcoin community claim to have found their own transactions included in the dump, which would indicate that the leak is genuine. The hacker or hackers themselves say they were careful to strip out any passwords from the database. But other reports suggest that a second scam could be involved, with an application contained within the zip file, called TibanneBackOffice, apparently stealing users’ bitcoin wallets.
The hackers imply that one particular line in the data, which shows MtGox as holding 951,000 bitcoins at the time of its collapse, is proof of the company’s malfeasance, annotating the line with the comment: “That fat fuck has been lying!!” However, others who have downloaded the database point out that it remains possible that MtGox’s internal accounts were out of sync with the amount of money they actually held.