SINGAPORE - Criminals may already have made off with up to US$500 million (S$633 million) worth of bitcoins since the virtual currency launched in 2009 - and you can double that if it turns out they emptied Mt. Gox.
Internet criminals, security experts say, are attracted to bitcoin because of its stratospheric rise in value, because it's easier to steal than real money, and because it's easier to trade with other criminal elements. But, they add, bitcoin will survive the damage.
"It's just growing pains," says Keith Jarvis, a security researcher at Dell SecureWorks. "Bitcoin is large enough and has enough momentum behind it to survive any public relations damage from this (Mt. Gox) case or anything else."
The fall of Mt Gox, the Tokyo-based exchange which filed for bankruptcy last month after saying it lost some 850,000 bitcoins to hackers, is certainly the virtual currency's biggest crisis.
But data collated by Reuters from specialist bitcoin industry websites and internet forums shows that more than 730,000 bitcoins were already missing to theft, hacking, cyber-ransom payments and other apparently criminal pursuits before Mt. Gox's collapse. That's nearly 6 per cent of all bitcoins, and doesn't include dozens, possibly hundreds, of unreported cases of individuals who have lost bitcoins from their computers or online exchanges to hackers.
For sure, there's no way of telling who has these missing bitcoins, or whether they were converted to real money when the price was much lower. And of course some bitcoins may have been counted twice if criminals stole them from each other or they were put back into circulation and stolen again.
But there's no question that bitcoins have attracted the attention of cyber-criminals - as a currency and an asset worth stealing.
A study by Pat Litke and Joe Stewart of Dell SecureWorks showed that as the price of bitcoin soared beyond US$1,000 last year, so did the number of viruses designed to steal bitcoins from wallets - programs that hold bitcoins on user's computers or smartphones. Of the 140 types of such software more than 100 appeared in the past year.
Writing such viruses, says Stewart, is easy. "There's no sophistication involved in the storage of bitcoin in wallets. As for malware, it's some of the easiest stuff to write."
Indeed, this cyber-pocket picking wasn't criminals' first foray into bitcoins. Initially, they focused on using their control of large networks of infected computers - called botnets - to make their own bitcoins.