Mark Karpelès, the former CEO of Mt. Gox, likely wishes he’d had access to modern AI tools back when he purchased the exchange from founder Jed McCaleb in 2011.
Recently, Karpelès ran an early version of Mt. Gox’s 2011 codebase through Anthropic’s Claude AI — and the results were damning. The model flagged critical vulnerabilities that had led to the exchange’s first major hack, ultimately labeling the system “critically insecure.”
In an X post on Sunday, Karpelès revealed that he uploaded the old codebase to Claude along with supplementary data, including GitHub history, access logs, and data “dumps released by” the hacker.

According to Claude AI’s analysis, Mt. Gox’s 2011 codebase was a “feature-rich but critically insecure Bitcoin exchange.”
“The developer (Jed McCaleb) displayed impressive software engineering skills in architecture and feature implementation, managing to build a sophisticated trading platform in just three months,” the report noted — but it also cautioned that:
“The codebase contained multiple critical security vulnerabilities that were targeted in the June 2011 hack. Security improvements made between ownership transfer and the attack partially mitigated the impact.”
Karpelès assumed control of the Japan-based Mt. Gox exchange in March 2011 after purchasing it from its founder and developer, Jed McCaleb. Just three months later, the platform suffered a hack that drained 2,000 Bitcoin.
“I didn’t get to review the code before taking over — it was handed to me the moment the contract was signed,” Karpelès admitted in a comment on his X post. “I know better now; due diligence goes a long way.”
Claude AI’s post-mortem of Mt. Gox
According to Claude AI’s analysis, Mt. Gox’s downfall stemmed from a mix of code vulnerabilities, poor internal documentation, weak admin and user passwords, and lingering access privileges for former administrators after the ownership transfer.
The breach itself was triggered by a larger data compromise after Karpelès’ WordPress blog and several of his social media accounts were hacked.
“Contributing factors included an insecure original platform, an undocumented WordPress installation, retained admin access for ‘audits’ following the ownership change, and a weak password for a critical admin account,” the analysis stated.
Claude’s report also noted that some improvements made before and after the hack helped limit the damage. These included upgrading to a salted hashing algorithm for stronger password protection, fixing an SQL injection flaw in the main application, and adding proper withdrawal-locking mechanisms.
“The salted hashing prevented a mass breach by forcing attackers to brute-force individual passwords — though no algorithm can defend against weak ones,” the analysis explained. “The withdrawal locking feature also prevented a far worse outcome, stopping tens of thousands of BTC from being drained through the $0.01 withdrawal limit exploit.”
“This codebase was targeted in a sophisticated attack in June 2011. Security improvements had been made in the 3 months since ownership transfer, which affected the attack outcome. This incident demonstrates both the severity of the original codebase’s vulnerabilities and the partial effectiveness of remediation efforts.”
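An added illustration of the salted-hashing point in the quoted analysis (not code from Mt. Gox or from Claude's report): with unsalted hashes, one precomputed table covers every account, while per-user salts force a separate guess loop per account, yet weak passwords still fall. The accounts, the wordlist and the use of SHA-256 are constructed assumptions; the article does not name the algorithms involved.

```python
import hashlib
import os

# Constructed sample data: two accounts share a weak password, one is strong.
USERS = {"alice": "password1", "bob": "password1",
         "carol": "tr0ub4dor&3-horse-staple", "dave": "123456"}
WORDLIST = ["123456", "password1", "letmein", "qwerty"]  # constructed audit dictionary

def h(data: bytes) -> str:
    # SHA-256 is a stand-in (assumption); production systems should use a
    # slow password KDF such as bcrypt, scrypt or Argon2.
    return hashlib.sha256(data).hexdigest()

def store_unsalted(users):
    return {u: h(p.encode()) for u, p in users.items()}

def store_salted(users):
    db = {}
    for u, p in users.items():
        salt = os.urandom(16)  # unique random salt per account
        db[u] = (salt, h(salt + p.encode()))
    return db

def audit_unsalted(db, wordlist):
    """One hash per candidate word is enough for the whole table."""
    table = {h(w.encode()): w for w in wordlist}
    cracked = {u: table[d] for u, d in db.items() if d in table}
    return cracked, len(wordlist)

def audit_salted(db, wordlist):
    """Every account needs its own guess loop because the salt differs."""
    cracked, hashes = {}, 0
    for u, (salt, digest) in db.items():
        for w in wordlist:
            hashes += 1
            if h(salt + w.encode()) == digest:
                cracked[u] = w
                break
    return cracked, hashes

if __name__ == "__main__":
    unsalted, salted = store_unsalted(USERS), store_salted(USERS)
    print("identical unsalted digests for alice/bob:",
          unsalted["alice"] == unsalted["bob"])
    for name, (found, cost) in (("unsalted", audit_unsalted(unsalted, WORDLIST)),
                                ("salted", audit_salted(salted, WORDLIST))):
        print(f"{name}: {cost} hashes computed, weak accounts: {sorted(found)}")
```

The work for the salted store grows with the number of accounts, but the three accounts with dictionary passwords are recovered either way; only the strong password survives.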
While Claude’s analysis indicates that AI might have identified and helped patch certain coding flaws, the root cause of the Mt. Gox breach lay in human and organizational weaknesses — poor internal controls, weak passwords, and a lack of network segmentation that allowed a compromised blog to jeopardize the entire exchange.
Ultimately, AI can’t guard against human error.
Mt. Gox’s lingering impact on the market
Even more than a decade after its collapse, Mt. Gox continues to influence the crypto market. In recent years, the exchange’s repayment of massive Bitcoin holdings to creditors has raised concerns about potential selling pressure — fears that, so far, have not materialized.
As of this month, ahead of the Oct. 31 repayment deadline, Mt. Gox still holds roughly 34,689 BTC.

