Mt. Gox admits DDoS attacks played role in Bitcoin crash
Recent trading lags and a self-imposed closure of the world's leading Bitcoin exchange may have less to do with being "a victim of success" and more to do with being the victim of a cyberattack.
Mt. Gox, the Tokyo-based Bitcoin exchange, revealed that a Distributed Denial of Service Attack played a bigger role in the company's decision to suspend trading for 12 hours Thursday than they initially claimed. The company originally stated that it had been a victim of its own success and that the astonishing growth of new Bitcoin transactions in recent days swamped its infrastructure. Now, Mt. Gox is coming clean about what happened, but only after the digital currency took a major price hit.
"We have two problems: the DDoS and volume related to new accounts," Mt. Gox officials confirmed in a Reddit AMA (Ask Me Anything) session on Friday. "The trade engine is capable of accepting much more of a load. Within 2-3 weeks we will completely rewrite the trade engine, in the meantime we shut down the system today and installed a new server with the current trade engine. Of course, if we didn't have DDoS everything would be fine, so now we're dealing with two issues at once."
Mt. Gox refused to answer Reddit users' request for more detailed information, saying it could compromise their investigation into the source of the attacks. In a statement earlier this month, Mt. Gox said it has been a victim of regular DDoS attacks from those who either want to destabilize the system or profit from corrupting the program.
The attacks come at a time when the volume of trade has never been higher for the four-year-old digital currency. Spurred by a sudden explosion of mainstream media coverage, Mt. Gox has seen more than 75,000 new accounts since the beginning of April. To put that in perspective, Mt. Gox only saw 60,000 new accounts during the entire month of March.
During the AMA, Mt. Gox said these two factors have coalesced to cause the current delays and errors. Last week, the exchange reported a record 502 errors due to lag time in the system. They've announced plans to update their servers to handle the sudden influx of new users, but they told Reddit users it could take up to a month to get the new hardware in place. They also promised the new infrastructure would be more secure.
"We are working on a new secure trading infrastructure centered around a new trade engine we have developed that will ensure that even if our data center loses internet connectivity, mtgox.com will still stay up and available," the company said.
In addition to upgraded hardware, Mt. Gox has also announced new trader policies that will cap the number of transactions new users are allowed to make, to prevent individual traders from swamping the system with thousands of low-value transactions. New accounts will be allowed 10 trades in the first 24 hours (with captcha required on every trade). After that, verified accounts will be allowed 50 trades per day for the first 30 days. Unlimited trading will be allowed afterwards, pending approval.
But all of this comes too late for worried investors. Bitcoin has taken a tremendous dive, losing nearly 80 percent of its value since Wednesday. Bitcoin had been trading at a record high of $266 midweek, but Mt. Gox's trading suspension and technical errors drove the price down to a low of $54. The currency is slowly gaining steam, up to $72 as of midday Friday.
This rapid boom-and-bust cycle has become a repeating occurrence for Bitcoin in recent months. The company experience a similar nosedive last month, after a programing glitch sparked a major sell-off. This instability reigns even as more and more legitimate web companies begin accepting the currency, hoping to erase Bitcoin's image as the currency of choice for legally questionable activities.
But Bitcoin's enthusiasts aren't scared-off by the sometimes wild ride, arguing that these kinds of growing pains are inherent in any new system.
"The main thing to keep in mind is that most of the major Bitcoin exchanges that we have today were basically startups created by individual programmers or small teams working on their own, without much outside backing, and are basically growing with the rest of the Bitcoin economy," Bitpay.com's Vitalik Buterin told The Daily Dot. "Exchanges are consistently getting better at doing their job, upgrading their performance and security every time an incident like this happens, so these kinds of panics will only be short term."
Photo by zcopley/Flickr