It was a very rare theft of a Bitcoin Ledger Wallet. There are no clear indications about the causes of the theft.

A new cybercrime is alarming users. The theft of an undisclosed amount of bitcoins (BTC) from a cold wallet made by the manufacturer Ledger has dismayed the ecosystem, as the method of the attack remains unclear.

Carlos Santiso, investment manager at the Spanish firm Icaria Capital, posted a tweet on January 26, 2021, in which he reported the theft and spoke about his doubts regarding the role of Bitcoin as a substitute for gold.

The investor explained that he had been buying BTC instead of playing the lottery. When he went to check his portfolio balance, he saw two unauthorized transactions and a balance of almost 0. So far there has been no indication of the modus operandi the attacker used to steal the BTC.

Santiso shared his story on a popular Spanish-language space for spreading the word about Bitcoin. The podcast moderator, who has a lot of experience using Bitcoin, spoke up for Ledger, noting that the company has behaved well in addressing this case. In his opinion, it is one of the most secure hardware wallets on the market.

As no error was detected on the user's part in taking care of his coins, everything indicated that the device was tampered with before it was shipped. This occasionally happens with equipment bought outside of official stores, mostly from stores such as Amazon and eBay.

Ledger assured Lunaticoin that these devices are sometimes returned to the factory. Once received by Ledger, the equipment is destroyed, not resold, the communicator reported.

As for the security measures, Santiso explained that he had his 24 seed words stored very securely on a piece of paper and the device's 4-digit PIN kept in a secret compartment on his desk. Thus, Lunaticoin confirmed that the secret phrase never left Santiso’s house.

Something to take into consideration about the theft is that Santiso had never signed transactions from that wallet. He never sent bitcoins from the device. The theft transactions are the only ones that appear in the Ledger Live software. In addition, the victim of this strange attack verified the authenticity of the software's signatures.

The characteristics of the attack, and the security measures that the victim implemented, seem to leave no clues as to what happened. The only moment that Santiso thinks could have been the vulnerable point was when he wrote down the words on paper. He believes that some monitors with cameras (webcams) were pointed towards him while he wrote the words.

KYC: Does It Work When It Comes to Tracking the Destination of Bitcoins?

The attacker may have exchanged BTC for ethers (ETH) on the HitBTC exchange, established in Hong Kong. Arkad, a Bitcoin security specialist and guest on the podcast, commented that HitBTC’s Know Your Customer (KYC) policies can be a bit soft in cases like this. Arkad also said that the hacker might have exchanged the coins through other non-KYC services, using the HitBTC service as an intermediary.

By: Jenson Nuñez
