Interesting theory. Was also the first thing that crossed my mind upon hearing about Gox's potential troubles (and perhaps lost assets) with the malleability attack. What matters is which wallet software was running. In the case of Gox's it was some homebrewed code that contained no patch for the malleability problem, even though this exploit has been known for at least a year. So, anyone know what wallet software Weex was running on?