Mt. Gox ex-boss tests AI on whether it could have prevented historic BTC hack

Published: 27 October 2025
Last updated: 28 October 2025
Mtgox-hack

As AI is increasingly being used to audit blockchain-related projects with mixed results, the former boss of the now-collapsed, once-largest bitcoin (BTC) exchange, Mt. Gox, has tested artificial intelligence’s ability to spot vulnerabilities that cost investors around 2,000 BTC.

Mark Karpelès, who avoided prison after his 2.5-year imprisonment sentence was suspended, said he fed Mt. Gox’s 2011 codebase and various other data, such as access logs, dumps released by the hacker, and more, to Anthropic’s Claude.

The former boss of the exchange shared the results of the analysis, also admitting that 2011, the year he acquired the platform from programmer Jed McCaleb (who later co-founded the Stellar (XLM) blockchain), “was a simpler time.”

ADVERTISEMENT

“I didn’t get to look at the code before taking over – it was dumped on me as soon as the contract was signed (I know better now, due diligence goes a long way),” Karpelès said.

After analyzing all the data it was fed, Claude found that the original platform was built with “weak security,” including a weak password for the admin account that could be brute-forced within days. A documentation gap during the ownership transfer also left WordPress unsecured.

According to the AI, another contributing factor to the breach was that the codebase retained admin access for “audits” after ownership transferred to Karpelès.

The AI-powered audit also found that, despite these flaws, multiple security layers prevented total loss even with a database compromise. It added that the shutdown of the exchange prevented extended exploitation of the discovered vulnerabilities.

In either case, Claude concluded that “the codebase contains critical security vulnerabilities and should not be used as a template for modern applications.”

Mt. Gox was first breached in 2011. Then, in 2014, it was attacked again, losing 850,000 BTC (now worth around $98 billion), effectively killing the platform and leaving its investors with massive losses.

mtgox-ai-btc-lost
Image by Cybernews.
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us
ADVERTISEMENT

However, some of the lost BTC have since been recovered, and around 20,000 creditors have already been repaid after waiting 10 years.

Meanwhile, today, Mt. Gox rehabilitation trustee Nobuaki Kobayashi said he has largely completed repayments, adding that the deadline for repayments has been extended by one year, from October 31st, 2025, to October 31st, 2026.

“Many rehabilitation creditors still have not received their repayments because they have not completed the necessary procedures for receiving repayments,” the trustee said, adding that “various reasons, such as issues arising during the repayments process,” have prevented “a considerable number of rehabilitation creditors” from receiving their BTC.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Nadella scoffs at AI giants as Microsoft may host China’s DeepSeek
Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
Cloudflare gives AI agents temporary accounts to deploy websites without human logins
Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials
This tiny European country is pioneering digital ID for AI agents
Canadian lender TD tells some employees it will use software to monitor their work
ADVERTISEMENT