Hacker steals over $16 Million in Bitcoin via a wallet exploit

Hacker steals over $16 Million in Bitcoin via a wallet exploit

By Oliver Carding - min read
An image of a hand reaching for crypto coins from a screen laptop

In the latest crypto heist, hackers nabbed 1,400 bitcoins belonging to a long-time holder

Although it may appear that crypto crime has taken a bow over the past few months, it still remains active under the radar. Incidences of Bitcoin-related hacks haven’t been picked or reported by the media owing to the reduced frequency of big crypto exchange hacks.

As a result, crypto users might be fooled to think they are safe when, in reality, they are actually far from it. Hacks aren’t rare occurrences in the crypto space and the latest 1,400 bitcoin lift indeed confirms that.

The major incident before this heist was the Twitter accounts takeover that saw several high-profiles accounts being hacked. The hacks were reportedly a part of a fake Bitcoin giveaway scam.

How the heist unfolded

The victim, who is also a GitHub user by the name ‘1400BitcoinStolen’, shared the story on the platform.

The victim used Electrum software, unaware of the security update that the wallet introduced. Before moving the bitcoins to the account, the user got a message prompting him to update the software. Little did the user know this was just an exploitative scam.

By confirming the prompt message, the software contacted the hacker’s server. What followed was a rip off of 1,400 BTC from the user’s account into the hacker’s. A twitter user (and software engineer) by the name Ben Kaufman shared his views on this story in a thread when it was brought up on Twitter.

“Electrum is a light client, which means it must connect to the blockchain through a server, which by default is chosen from a list of public Electrum servers. Anyone can operate such a public server and some users will be randomly connected to it,” explained Kaufman.

It is unlikely that the Bitcoin holder will get the funds back, but some that have fallen victim to a similar trap in the past have been lucky. Nonetheless, this serves as a reminder to keep software up to date. Crypto users should also be careful when dealing with any crypto-related activities.