As MtGox CEO Mark Karpeles and his lawyers officially filed for court-supervised restructuring of the Bitcoin exchange, someone posted a chunk of code to Pastebin that would appear to lend credence to Karpeles’ contention that his company was hacked. The block of PHP code appears to be part of the backend for MtGox’s Bitcoin exchange site, and it includes references to IP addresses registered to Karpeles’ Web hosting and consulting company, Tibanne.

In an update to the MtGox website late Monday, the company reasserted its claim that it had been hacked through an exploit of a weakness in its exchange website code. “Although the complete extent is not yet known, we found that approximately 750,000 bitcoins deposited by users and approximately 100,000 bitcoins belonging to us had disappeared,” the company’s spokesperson said in the latest update at the MtGox website. “We believe that there is a high probability that these bitcoins were stolen as a result of an abuse of this bug and we have asked an expert to look at the possibility of a criminal complaint and undertake proper procedures.”

That loss was discovered on February 24. On the same day, the company found “large discrepancies between the amount of cash held in financial institutions and the amount deposited from our users. The amounts are still under investigation and may vary, but they approximate JPY 2.8 billion [$27 million US].”

But that may not be the full extent of the loss. “Since there are probably a variety of causes, including hacking by third parties, we need to investigate a huge amount of transaction reports in order to establish the truth,” the company said in its statement. “As of this date, we cannot confirm the exact amount of missing deposit funds and the total amount of bitcoins which disappeared.”

The 1,719 lines of commented PHP code posted over the weekend include code to access individual customers’ Bitcoin wallets and to process transactions. MtGox’s Bitcoin node IP address is hard-encoded in the server code, as are SSH keys used to connect to MtGox’s transaction processing server. Anyone who had access to the server running this code could have easily redirected transactions or pillaged the Bitcoin wallets of customers.