Joshua Brustein, writing for Businessweek:
How did the once-largest Bitcoin exchange lose hundreds of millions of dollars’ worth of the digital currency?
Two words: transaction malleability. A hacker can tinker with the code that makes a Bitcoin transaction happen, so that it looks like it didn’t go through. The person who was supposed to receive a payment then asks again and, in Mt. Gox’s case, is paid again automatically. Mt. Gox has acknowledged this was happening. It seems that someone has been slowly bleeding it for months, leaving it without the funds to pay out legitimate withdrawals. But with the company being pretty tight-lipped about it for now, that’s only the best theory.