Hackers attacked the personal blog of Mt. Gox CEO Mark Karpeles on Sunday and posted what they claim is a ledger showing a balance of some 950,000 bitcoins based on records they obtained from the defunct exchange for the virtual currency.
They said the sum contradicts Mt. Gox's claim in a Japanese bankruptcy protection filing Feb. 28 that it had lost about 850,000 bitcoins.
[ Follow Simon Phipps' great bitcoin adventure, covering over 6 months and 5 exchanges. | It's time to rethink security. Two former CIOs show you how to rethink your security strategy for today's world. Bonus: Available in PDF and e-book versions. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
Neither Karpeles nor Mt. Gox officials could immediately be reached to verify the claims.
Karpeles has maintained a low profile since the filing in Tokyo District Court. Mt. Gox, which pulled the plug on its website three days before the court filing, had announced that about 750,000 customer bitcoins it held are missing along with 100,000 of its own bitcoins and $27.3 million in customer deposits.
Karpeles' blog was titled "Magical Tux in Japan -- Geekness brought me to Japan!" Karpeles, who is French, often used the nickname "MagicalTux" when posting on public message or chat forums. His blog went offline on Sunday shortly after it was attacked.
Karpeles did not immediately answer a query sent to his personal email address.
The attackers claim to have obtained database records containing transaction details from Mt. Gox. They wrote they purposely withheld users' personal data. Mt. Gox had as many as 1 million customers as of December.
The data included a screenshot of what appears to be an internal SQL database administration tool, Karpeles' CV, and a Windows executable called "TibanneBackOffice," among many others. Mt. Gox is a subsidiary of Tibanne, a company owned by Karpeles.
The release of the data adds to the mysterious circumstances around Mt. Gox, which at one time was the largest exchange for buying and selling bitcoin.
Mt. Gox's demise has enraged its out-of-pocket customers as efforts continue to derive clues from bitcoin's public ledger, called the blockchain, that might indicate the fate of its virtual currency holdings.
Mt. Gox in part blamed a security issue called transaction malleability for its bitcoin losses. In some instances, transaction malleability can allow an attacker to manipulate transaction identification numbers in order to steal bitcoins.
The long-known security problem is being addressed by the custodians of bitcoin's core software who've said it is usually only an issue if a bitcoin exchange has not coded its own software correctly.
Meanwhile, intense efforts are underway to analyze the blockchain to figure out where large stashes of bitcoins once held by Mt. Gox may have been transferred.
The blockchain records the movement of bitcoins from a user's public bitcoin "address" or "wallet," which is a 32-alphanumeric character. It is possible, for example, to attribute addresses to a person or company based on past transfers.
Adam Levine, who writes a blog dedicated to bitcoin, investigated Mt. Gox's bitcoin balances along with four colleagues. The group found two addresses, one with 90,000 bitcoins and another with 200,000, that may belong to Mt. Gox.