todayonchain.com

Mt. Gox’s security flaws cost millions. Could AI have spotted them?

Cointelegraph
Former Mt. Gox CEO Mark Karpelès used Claude AI to analyze the exchange's 2011 codebase, revealing critical security flaws.

Summary

Former Mt. Gox CEO Mark Karpelès fed the defunct exchange's 2011 codebase, along with associated data like GitHub history and hacker dumps, into Anthropic's Claude AI. The AI labeled the codebase "critically insecure," despite acknowledging the developer's strong architectural capabilities. The analysis pinpointed key vulnerabilities that led to the June 2011 hack, including code flaws, poor documentation, weak passwords, and retained admin access from the previous owner, Jed McCaleb. The initial hack was triggered after Karpelès' WordPress and social media accounts were compromised. Claude noted that security improvements made in the three months before the attack—such as updating password hashing and implementing withdrawal locking—mitigated the damage, preventing a much larger loss of Bitcoin. Ultimately, the analysis suggested that while AI could identify coding flaws, it cannot prevent human errors like weak processes and poor password hygiene, which were central to the breach.

(Source: Cointelegraph)