Profiteering manipulators hit bitcoin trade

Profiteering manipulators hit bitcoin trade

This is the fifth instalment of a series on hidden dangers of information technology.

In May, an alarm was blaring at the offices of Mt. Gox K.K., bitcoin's leading trading platform, in Shibuya Ward, Tokyo.

The alarm signaled that Mt. Gox was under an attack that aimed to shut down its servers by overloading them with massive volumes of traffic. Mt. Gox had become a frequent target of such Distributed Denial of Service (DDoS) attacks.

Bitcoin, a digital crypto-currency that can be used for online payments, was launched only several years ago, but its trading volume across the globe has risen to 12 million bitcoins, or ¥1.05 trillion (S$12.76 billion) at the Dec. 20 exchange rate. If Mt. Gox's site, a major bitcoin exchange, were to go down, the currency's credibility would be severely undermined.

It took about an hour for the company to detect the malicious traffic and block it from the site. During that hour, many comments such as "bitcoin is in danger" were posted online, fuelling concerns among traders. That spurred selling of the currency and exchanges into yen and dollars.

Furthermore, a false report on a US social news website made the situation worse. The report said Japanese authorities searched Mt. Gox's office on suspicion of manipulating bitcoin's prices. The report was accompanied by a fabricated photo that appeared to show police officers searching the company.

As a result, about 60,000 bitcoins were traded during the two hours after the cyber-attack started, during which the value of a bitcoin dropped from US$105 (S$130) to US$85.

Mark Karpeles, Mt. Gox's 28-year-old head, said the aim of the attack was to manipulate the currency's exchange. The attackers attempted to abuse the system by selling the currency before its value fell, then buying it back to earn profits.

In the wake of the DDoS attacks, the company introduced an advanced system equipped to handle massive volumes of traffic. But it continues to undergo occasional attacks by unidentified parties.

Japan sees more attacks

In Japan, people tend to consider DDoS attacks politically connected, such as in a case in which a group of anti-Japan Chinese hackers shut down government-related sites. But outside Japan, many DDoS attacks are driven by profit.

According to US-based IT firm Akamai Technologies, 768 DDoS attacks were reported by its client companies in 2012. Nearly 40 per cent involved online shopping site operators and others whose websites are crucial to their businesses. Many of them were threatened with further attacks unless they paid a ransom.

In April, AP's main Twitter account was hacked, sending out a falsified tweet that US President Barack Obama was injured in explosions at the White House. Stocks on Wall Street briefly plunged more than 140 points on the news.

Scott Borg, a former adviser to the Obama administration, said later in a speech that the number of cyber-attackers who attempt to earn profits through fluctuating stock prices has been on the rise.

Info-sharing system sought

In November, F-Secure, an Internet security company in Finland, received a blackmail threat saying all the documents and files stored on the firm's computer would become encrypted unless it paid a sum of money within three days. To find out what would happen if the firm did not comply with the demand, the company's engineer opened a file attached to the e-mail, and a countdown clock appeared in a web browser. When the time ran out, the computer became locked and denied access to the files stored on it.

Such viruses are known as ransomware, as they hold computer files "hostage" and demand "ransom."

The company eventually made the payment, and the files were restored. As "Tor" anonymity software is believed to have been used in the blackmail, the company was unable to trace those responsible.

The number of such cyber-attacks has also increased in Japan. According to Trend Micro Inc., ransomware was detected in 1,537 cases in the second half of 2012. But in 2013, the number jumped to 5,769 in August alone, and 172 malware infections were reported.

"Attackers make full use of the latest technologies and expertise. But if we give in, that will be exactly what they want," Karpeles said. "Japanese companies tend to hide the damage, but there needs to be a scheme allowing companies to share information to combat such attackers."

More about

Purchase this article for republication.



Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.