Mt. Gox Asset Stripping FAQSummaryAsset stripping by banks internationally. Slow down the deposits, and speed up the withdrawels. Eventually, there will not be enough fiat for Mt. Gox to pay out as needed.
What is "asset stripping", and what is alleged in the case of Mt. Gox?Asset stripping is self-explanatory. A typical example would be purchasing a failing company, under the pretence of planning on restructuring it and returning it to profitability. However, the true intention is to liquidate and appropriate its assets. In the case of Mt. Gox, the goal could be to induce the bankruptcy court to "cram-down" depositors' more secured claims to their bitcoins and cash, and equate these to fictitious debts supposedly owed to the perpetrators. Those creditors' questionable debts could include ones claimed by Mt. Gox's banks, other companies that it has dealt with, and as yet unnamed parties.
When the SHTF for Mt. Gox towards the end of February, they were torpedoed from several different directions all at once. The way the implosion came together suggests the exchange's financial distress was “engineered.” Elements of the scheme could have included, but were surely not limited to:
- insider infiltrator(s) who could not only have planted the bots, Willy and Markus, but also hidden the company's cold storage bitcoins (200K BTC miraculously found later in the old-format wallet)
- banks who could have created a cash/credit squeeze and frozen up Mt. Gox's bank deposits (the $27 million)
- media manipulation such as the phony, leaked "Crisis Strategy Draft" that implied Mt. Gox's deteriorated condition resulted from management incompetence.
- hacking, including DDoS attacks and exploitation of the supposed "transaction malleability" bug in the bitcoin protocol.
- possible government asset seizure and gagging.
- manipulation of the bankruptcy court.
Can you give one possible scenario for how the Mt. Gox could be "stripped" of its assets?My idea is that the two bots, Willy and Markus, were integral to an asset stripping scheme. If you will, call it a "long con." suppose you were Gordon Gekko and wanted to strip Mt. Gox of its assets. Buy it up under the pretext of restructuring the company and returning it to profitability. Ask yourself, "How would I do it?" Here's one scenario that I came up with:
(1) Infiltrate Mt. Gox with my own stooge in order to lay some kind of trap--similar to the way you'd set up a sting operation. Maybe that's what those bots were up to--creating the appearance that there were 650,000 more bitcoins being traded on Mt. Gox than there actually ever were. Someone on the inside could easily have planted them, and then blinded the internal software checks so their operation was never even detected until way too late.
(2) On the books it would appear that there should be 850,000 BTC when in fact there were really only ever 200,000 or a little more. Then I would have my stooge hide the 200K BTC in an old wallet that hadn't been used for a few years.
(3) Cut a deal with an unscrupulous bank to slow down Mt. Gox's deposits while speeding up its withdrawals, thereby creating an artificial cash squeeze. Have the bank call in Mt. Gox's short term credit line when it couldn't keep up with its payments.
(4) At this point, on the books it would appear that Mt. Gox was flat broke, and had lost all of it's depositor's bitcoins.
(5) Then I'd leak out a phony crisis strategy document to announce Mt. Gox's situation and get everyone else to cut them off too.
(6) The only remedy left at this point is for the company to declare bankruptcy so as to ward off its creditors. Once the declaration is officially made,
(7) then I would "find" the missing bitcoins in the old wallet where they had been earlier hidden, yet it would appear as though 650,000 were still missing.
(8 ) Once Mt. Gox was in bankruptcy, I would then offer to buy it up for some trivial amount with the vague promise of taking care of the depositors and throw them a few percentage of the stock which costs absolutely nothing to offer, and thereby seize complete control of Mt. Gox's assets.
(9) Make a few token payments to those depositors who scream the loudest, and then walk off with the rest amounting to $120 million or more at today's price, and so much the richer.
(10) Mt. Gox finally is now Empty Gox, and there's nothing left but the hollowed shell of the company as it has been completely stripped of its own assets as well as its customer's deposits.
How much debt did Mt. Gox have besides what bitcoin and cash it owed to depositors?According to Mt. Gox's bankruptcy filing, it had debts of $63.6 million exclusive of funds owed to depositors.
Before declaring bankruptcy, was Mt. Gox under pressure from anyone else besides depositors wanting to withdraw their funds?When asked about the viability of an unregulated currency he [Mark Karpels] writes, “tbqh [to be quite honest] the pressure we got from banks and governments makes things very hard.”
Source: published IRC chat between Karpeles and Jon Fisher on February 25, 2014.
How much cash deposits in banks did Mt. Gox lose, and did hackers make off with it?$27 million in bank deposits according to its bankruptcy filing, and there has been no explanation of how hackers could have robbed them of so much cash. Other possibilities are that the funds were frozen in one of Mt. Gox's banks or else seized by some government(s).
Did Mt. Gox's banks contribute to a credit squeeze forcing the company into bankruptcy?According to Swiss investigative company, CCI:
According to data received at CCI, there is a reasonable doubt that, during Jan 25th to Feb 25th, money deposited by clients of Mt. Gox, was reported as transferred to Mt. Gox’s clients’ account, while in fact was routed elsewhere.
The report goes on to note that there were not merely a few isolated instances in delaying of deposits to Mt. Gox, but rather it was part of a pattern. See:
http://www.mtgoxinvestigation.com/Where did the number 850,000 disappeared bitcoins come from?The Mt. Gox bankruptcy filing
What proof is there that Mt. Gox ever held more than 200,000 bitcoins--the number of coins "found" in the "old-format wallet"?None.
In a June 27, 2014
Wall Street Journal interview with Takashi Mochizuki and Eleanor Warnock, Mark Karpels stated that "he doesn't believe more will be found."
How much are 200,000 BTC worth in fiat?$120,000,000 at $600 @ BTC.
How many bitcoins were allegedly traded by the two Mt. Gox trading bots, Markus and Willy?650,000
How many bitcoins are allegedly missing from Mt. Gox after finding the ones in the old-format wallet?650,000
What happened to these supposed 650.000 bitcoins that Mt. Gox claims were hacked? Where are they now, and are they traceable?
Nothing definitive.
Is there any proof or evidence that these 650K bitcoins were ever in Mt. Gox's possession in the first place, or were they made up?Who knows, but it appears that the Willy and Markus bots bought around 650K BTC. If these Gox coins were never actually paid for, but then later sold, perhaps through a private placement or else through the activities of user "TIBANNE_LIMITED_HK / THK" (See
http://www.reddit.com/r/Bitcoin/comments/20juso/activities_of_those_tibanne_limited_hk_users/), then this would represent a massive uncovered short position in bitcoin. The supposed "massive theft" reported in Mt. Gox's bankruptcy court papers could represent the failure to cover this short position. Or, as Daniel Drew once rhymed,
"He who sells what isn't his'n, must buy it back or go to pris'n."
Is there any evidence of an insider infiltrator(s) who could not only have planted the bots, Willy and Markus, but also hidden the company's cold storage bitcoins (200K BTC miraculously found later in the old-format wallet)?In the June 27
Journal interview, Karpeles mentioned that in addition to hacker attacks, "there were physical break-ins at the company's offices and that at least one former employee pilfered electronic data."
A “janitor attack” could have been used wherein an infiltrator poses as a cleaning person and undertakes a USB attack to inject malware or else could have planted the two bots, Markus and Willy. Similarly, someone posing as a job applicant might have access to an unwatched machine long enough to do some damage. In fact, without specifically saying this is what happened, Mark Karpeles outlines one such scenario in an interview held on September 18, 2014:
Because storing bitcoins for your users, is the same as storing gold. So, you have someone who gives you gold and tells you, “I would like that gold to still be there when I come back in a week.” In Order to do that, you will use guards 24/7, you will put surveillance in front of your strong room, that’s usual business.
However the bitcoin businesses say, “It’s fine, we are hackers, we won’t be pirated.” And the next day you have someone who actually hacks you. Or for example someone who physically enters your offices, install keys on the computers. Like someone who gets hired as a cleaning agent, and takes advantage of a moment when the offices are empty and do the things I just mentioned.
You see that in movies, but it exists also in reality. I think it’s not very complicated to get hired as a cleaning agent in a building where you have a bitcoin business. So, when you get that job and you clean the offices, you have access to the building at hours when it’s generally empty, because you usually clean places when no one is working. It’s a way like any other way to access an office that manages billions of dollars in bitcoin, when the office is empty.
That is something that should not be possible.But it is, for many companies it is. You can ask your employer to vacuum his own space to counter that issue. But sometimes you can have an employee who gets hired and whose real intention is just to get access to what you have. This is not a fact, it’s just my opinion. We are dealing on a level where our little hackers who are protected behind their screens, are not anymore on a par to face all the possible cases.
If you want to do a bitcoin business nowadays that is secure and safe, you need a security team 24/7 on a computer science level and a 24/7 security team on a physical level, in other words, guards who are in your office 24 hours per day and who keep a close watch on the movements of everybody who gets in and out of the office.
To have a security system that you can control and that is efficient, with access cards, badges etc, you have to have audits, in other words, if possible, to have someone who verifies in real time, all the in and outs, like identifying whether this or that person is supposed to be here or there at this particular moment of the day.For example, if the cleaning lady who usually cleans the office in 30 minutes, suddenly takes 2 hours to clean, that’s weird.
I say the cleaning agent, because it’s the most usual case. It’s easy to bribe them, for example, at night after work you tell someone, “I have a problem with that woman, I think she cheats on me, could you bring me her garbage so I can verify that? And in exchange I will pay you 100 $. The guy will do it 2 or 3 times, and after several times, you tell him, “If you don’t want me to report you to the police, you will give me the garbage of everyone in it, and then you will plug this on each of their computers.” You ask for a little favor and then you turn it into a blackmail, that’s how theses guys proceed.
Those small cleaning people usually don’t have bodyguards and they can sometimes be put in a situation where they don’t have the choice. They are helpful and then they don’t want to loose their job and then above all, they don’t want to be reported to the cops, these people would do anything. Suddenly, the tone of the exchange is not asking for a favor but it becomes an order. It’s easy to do, and then usually no one thinks about that. Someone who cleans the offices in your building is someone you see every day.
http://nathalieandkyoko.wordpress.com/2014/09/18/tokyo-interview-with-mark-karpeles-ceo-of-mt-gox/Another news article appeared in August, 2014 quoting "Mt Gox sources" as having claimed that certain "persons unknown" had manipulated the Mt Gox database and the price so as to profit through arbitrage on other Bitcoin exchanges. While the purposes may have been more nefarious than mere arbitrage, the piece does point to the possibility of an
SQL injection attack. SQL injection can be used to manipulate data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (for example, to alter the amount of one or more account balances). See:
http://www.cryptocoinsnews.com/news/us-cooperate-japan-mt-gox-investigation/2014/08/14Mark Karpeles confirmed in his interview published September 18, 2014 that the company's servers were compromised. According to him:
Maybe it’s too strong to use that word, but being pirated, in other words, to have someone who enters your server and you don’t know about it, it’s close to be a rape. You have your space, where you do your things, and while you are not watching, someone enters inside it, does what he wants. It might not be the appropriate word, but that’s how I feel.
Apparently, the intrusions are still occurring even after Mt. Gox declared bankruptcy last February. A report on August 18 in the
Financial Times stated that as recently as June, "... a lone female was filmed entering the offices of Tibanne, Mt Gox’s former parent company, apparently via an access card left by a postman."
No one doubts that the Tokyo bankruptcy court has been acting in complete good faith, yet could it have been hoaxed by some of the parties involved? See:
* Attorney Nobuaki
Kobayashi, the Mt. Gox court-appointed bankruptcy trustee
*
Kobayashi Maru
http://en.wikipedia.org/wiki/Kobayashi_MaruPlease read this wikipedia entry about Star Trek. Doesn't it doesn't sound very analogous to what Mt. Gox depositor's have actually experienced?
Unfortunate choice of names for the trustee, or veiled jest? You decide.
