Kaspersky: Mt. Gox Data Archive Contains Bitcoin-Stealing Malware 169
itwbennett writes "An archive containing transaction records from Mt. Gox that was released on the Internet last week also contains bitcoin-stealing malware for Windows and Mac, say researchers at Kaspersky Lab who have analyzed the 620MB file called MtGox2014Leak.zip. The files masquerade as Windows and Mac versions of a custom, back-office application for accessing the transaction database of Mt. Gox. However, they are actually malware programs designed to search and steal Bitcoin wallet files from computers, Kaspersky security researcher Sergey Lozhkin said Friday in a blog post."
Re:Really? (Score:4, Interesting)
...except this was no different from someone doing the same thing to a bank. Your arguement is invalid
Comment removed (Score:4, Interesting)
Re:Really? (Score:4, Interesting)
Your understanding is wrong. The mtgox fiasco didn't occur because the miners accepted malleable transactions. It happened when the miners stopped accepting transactions that were malleable. Well, not all malleable transactions. But they did stop accepting the invalid transactions mtgox was generating. Generating those invalid transactions was mtgox bug 1. Mtgox bug 2 was when people fixed their bad formatting and they were accepted the block chain, mtgox software didn't recognise them. Mtgox bug 3 was they they then repeated the same transaction without doing a full audit of their ledger to verify some other mistake hadn't been made. Doing it twice is a bit of a risk given bitcoin transactions aren't reversible. But to be fair, mtgox said they authorised such double spends manually.
But ... it is almost inconceivable that a human authorised $350M in double spends without getting suspicious. So that brings us to the unknown mtgox bug 4. Somehow, they managed to figure out a way of authorising $350M in double spends without anybody noticing. Surely this must quality for the Guinness Book of Records greatest accounting cluster fuck of all time.
But bitcoin protocol bug - sorry no, not this time. Bitcoin offers very few guarantees. I guess a known mining rate, whatever appears on the audit trail is the one and only correct history of bitcoin, and that history will never change are the main three. In the early days, back when people sent 1000's of bitcoins to pay for a pizza, there were bugs that in the bitcoin software that meant those guarantees weren't upheld. But it was also a nicer time. It was when bitcoin was just a toy friends played with, so such mistakes could be and were always fixed. No bitcoin has every been permanently lost because because of such bugs.
I know I shouldn't care when a person on the internet is wrong. Not just a little bit wrong, but tinfoil hat type wrong as you are in this case. But seeing tinfoil hat comments being modded up to +5 is difficult to swallow silently.