MtGox Nearly Breaks Bitcoin…Again


Previous Incident 

In April 2013 large trading volume caused the MtGox trading engine to begin lagging. As soon as the trading engine lag started to build, traders panic sold due to the increasing risk of loss from trading blind. Of course the panic selling just added to the trading volume, thus adding to the lag (which reached 2h on peak). At the end of it all, when the lag died down, we were left with scenes of destruction and broke dreams.
What does the Gox say? Probably nothing with this much lag.


At about 4:25 UCT an extremely large market sell order of about 4,000 bitcoin was placed, this caused the price to drop nearly $100 USD in under 2 minutes. The MtGox trading engine began to lag as the 4,000 bitcoin order hit all the corresponding buy orders as the price fell. According to MtGox, protection had been put in since the April 2013 crash, this protection canceled and rolled back all of the trades during the lag period, however, this somehow caused the engine to go into a loop where the sell order would be executed then rolled back then executed again, until stopped by MtGox.

<@MagicalTux> very large sell order matching too many buy orders, causing the security system to stop the trade and rollback anything that was caused by it

The initial sell order beginning
A view of the loop as plotted on the chart after the lag was gone

Current State

Although the MtGox lag did initially drag down the price on all other exchanges, it has since settled, although the market appears to still be in a downward trends. It’s unsure if the gigantic sell order was neglectful or a deliberate attempt to cause panic, it’s also not sure what happened to that order in the end, if it was ever processed or remains rolled back. 
Some facts are still unclear and i will update if any more information comes out. 
Best Languages to Learn for Malware Analysis

One of the most common questions I’m asked is “what programming language(s) should I learn to get into malware analysis/reverse engineering”, to answer this question I’m going to write about the top 3 languages which I’ve personally found most useful. I’ll focus on native malware (malware which does not require …

Investigating Command and Control Infrastructure (Emotet)

Although the majority of botnets still use a basic client-server model, with most relying on HTTP servers to receive commands, many prominent threats now use more advanced infrastructure to evade endpoint blacklisting and be resilient to take-down. In this article I will go through and explain my process of identifying …

Creating a Simple Free Malware Analysis Environment

Computer Requirements: A CPU with AMD-V or Intel VT-x support (pretty much any modern CPU). 4 GB RAM (more is better). Make sure Virtualization (AMD-V or Intel VT-x) is enabled in the BIOS. To do this, you’ll need to google “enable virtualization” along with your bios or motherboard version, then …