A longtime Bitcoin investor and his father discovered last week that ~25 BTC ($919,000), which the family had held in a personal wallet since 2012, was stolen from them in September.
The online Bitcoin community is now coming to their aid, with the victim proposing a 23 BTC bounty to anyone who can recover the funds.
Insecure Private Keys
In a video from X user @RMessit (aka Rick) on Saturday, the victim said that his Bitcoin wallet’s private key was kept in a self-hosted password manager called KeePass.
The KeePass vault could only be unlocked with a separate password, known only to the two men. However, this password contained only 30 bits of entropy, far weaker than a standard Bitcoin private key, which is 256 bits.
Though still unsure of how his private keys were accessed, Rick suspects someone may have keylogged their device and watched them enter their KeePass password. He confirmed that the device on which the private key was kept was internet-connected.
“Particularly gut-wrenching that I’m writing this from our first father/son pilgrimage to El Salvador,” Rick added. El Salvador became the first nation to make Bitcoin legal tender in 2021, and has launched various initiatives to spur public adoption of BTC as a transactional currency.
Rick encouraged Bitcoin users to buy a standard hardware wallet to “keep their sats in cold storage.” Modern hardware wallets let Bitcoin users securely store and send coins without exposing their private keys to the internet, thus protecting them from online hackers.
Hardware wallets were not available in 2012, nor were seed phrases: human-readable lists of 12 to 24 words that store private key data in a form a person can memorize.
Tracking Down the Coins
Fellow Bitcoiners are already making progress in tracking down the thief. One user, @coinableS, noticed that the hacker has been re-using his Bitcoin addresses and that his attempts to mix his coins have been relatively weak.
CoinableS also noticed that the hacker withdrew coins to one of his addresses from Binance’s hot wallet after the hack took place. Since Binance follows know-your-customer procedures, Rick has called on the exchange and its founder, Changpeng Zhao, to help identify who the address belongs to.
If the funds are recovered, the victim has no intention of keeping them. He has proposed keeping just 1 BTC for himself, sending another 1 BTC to charitable causes, and letting a bounty hunter keep the rest.
“A retrieval of even 1 BTC would make me ecstatic so I think it’s absolutely reasonable,” he said. “Would also like the bounty to be as big as possible to have a big incentive for someone to go after these bastards.”
This article first appeared at CryptoPotato