MtGox Nearly Breaks Bitcoin…Again

Previous Incident 

In April 2013 large trading volume caused the MtGox trading engine to begin lagging. As soon as the trading engine lag started to build, traders panic sold due to the increasing risk of loss from trading blind. Of course the panic selling just added to the trading volume, thus adding to the lag (which reached 2h on peak). At the end of it all, when the lag died down, we were left with scenes of destruction and broke dreams.
What does the Gox say? Probably nothing with this much lag.


At about 4:25 UCT an extremely large market sell order of about 4,000 bitcoin was placed, this caused the price to drop nearly $100 USD in under 2 minutes. The MtGox trading engine began to lag as the 4,000 bitcoin order hit all the corresponding buy orders as the price fell. According to MtGox, protection had been put in since the April 2013 crash, this protection canceled and rolled back all of the trades during the lag period, however, this somehow caused the engine to go into a loop where the sell order would be executed then rolled back then executed again, until stopped by MtGox.

<@MagicalTux> very large sell order matching too many buy orders, causing the security system to stop the trade and rollback anything that was caused by it

The initial sell order beginning
A view of the loop as plotted on the chart after the lag was gone

Current State

Although the MtGox lag did initially drag down the price on all other exchanges, it has since settled, although the market appears to still be in a downward trends. It’s unsure if the gigantic sell order was neglectful or a deliberate attempt to cause panic, it’s also not sure what happened to that order in the end, if it was ever processed or remains rolled back. 
Some facts are still unclear and i will update if any more information comes out. 
Why Open Source Ransomware is Such a Problem

A while back 2sec4u posted a poll asking if people considered open source ransomware helpful to detection and prevention, with 46% voting yes. Although the poll wasn’t limited to people working in the antimalware industry, 46% is scarily high. Trying to prove a point, help me out Twitter. Is open source ransomware helping …

Mapping Mirai: A Botnet Case Study

Mirai is a piece of malware designed to hijack busybox systems (commonly used on IoT devices) in order to perform DDoS attacks, it’s also the bot used in the 620 Gbps DDoS attack on Brian Kreb’s blog and the 1.1 Tbps attack on OVH a few days later. Although Mirai isn’t even close to …

Dridex Returns to the UK With Updated TTPs

With the exception of a few unconfirmed reports of Dridex targeting Baltic countries (which doesn’t make much sense economically), infection campaigns have ceased since mid August when Dridex briefly resumed spreading to propagate multiple new botnets aimed at Switzerland. This morning a friend of mine, Liam, reported receiving a malicious email which unusually didn’t …