Mt. Got 2nd Hack — 750,000 BTC ($350 million)
Date: Mar 2014
The attacker found transactions malleable. The details of the transactions can be edited to make it like it never took place.
Specifically, in a general transfer transaction, the attacker (the receiver) was able to manipulate the sender’s signature before it goes into the blockchain, and changed the transaction ID. This new and tampered transaction has a chance to overwrite the sender’s original transaction, in which scenario, the attacker gets the funds yet it seemed like the sender does not successfully put the original transaction into the blockchain. The attacker (the receiver) can, therefore, ask for an additional transfer, who will eventually receive the funds twice.
Mt. Got halted all BTC transactions right away. No refunds were made. Eventually Mt. Got filed for bankruptcy.