It looks like the hacker who breached Mt. Gox made off with about $34,000 worth of Bitcoin and then artificially crashed the market by dropping a sell order for 500,000 BTC, according to the post-mortem about the hack published by Mt. Gox. But while the hacker did withdraw 2,000 in actual BTC, which Mt. Gox is replacing at their own expense, the enormous sell order was vapor:
We would like to note that the Bitcoins sold were not taken from other users’ accounts—they were simply numbers with no wallet backing. For a brief period, the number of Bitcoins in the Mt. Gox exchange vastly outnumbered the Bitcoins in our wallet. Normally, this should be impossible.
The sales could not have been completed because there were no actual Bitcoins to transfer. The hacker had simply assigned himself a huge number of BTC, which was enough to place orders on Mt. Gox and confuse the market.
The way the hacker went about the attack suggests he or she may not have been motivated by money, Mt. Gox concludes. “Given the relatively small amount of damage considering what was potentially possible, we have to question what the true motives of the attacker were. Perhaps the attack simply was not well-orchestrated but the possibility exists that the attacker was more interested in making a statement, hurting Mt. Gox’s reputation, or hurting the public image of Bitcoins in general,” CEO Mark Karpeles wrote.
If the goal was to hurt Bitcoin’s credibility, it doesn’t seem to have worked. Despite the market crash and the leak of Mt. Gox’s usernames and passwords, BTC is trading at around $16 a coin today; it was about $17 before the crash.
“The truth is that Mt. Gox was unprepared for Bitcoin’s explosive growth. Our dated system was built as a hobby when Bitcoins were worth pennies a piece. It was not built to be a Fort Knox capable of securely handling millions of dollars in transactions each day,” Mr. Karpeles said.