Luke Dashjr, a core developer for Bitcoin, had admitted (1) that his PGP (Pretty Good Privacy) key was stolen shortly before the new year, which resulted in him losing almost all of the Bitcoin he had stored away.
Hackers could access his PGP key, a popular security technique that employs key pair to gain access to secured information, according to the developer, who stated this in a tweet published on Sunday. This led to the theft of over 200 BTC coins, which have a value of over $3.5 million.
Looks like some of it is coinjoined to 1YAR6opJCfDjBNdn5bV8b5Mcu84tv92fa
— @LukeDashjr@BitcoinHackers.org on Mastodon (@LukeDashjr) January 1, 2023
A person on Twitter asked Dashjr if he had any ideas regarding how the hackers could have acquired access to his key, and Dashjr said that he had "no idea" about how they could have done so.
Some crypto currency community members suggested that there might be a connection between the attack and an earlier tweet published by Dashjr on November 17, in which he revealed that his server had been hacked by "new malware/backdoors on the system." Nevertheless, the developer was unable to validate that assertion.
Meanwhile, Dashjr has recommended members of the Bitcoin network not install Bitcoin Knots until this problem has been rectified. Bitcoin Knots is a combination of Bitcoin node & wallet that verifies the bitcoins you get are authentic and truly yours. He said (2):
"That's how you might verify that your Bitcoin Knots or Core download isn't infested with malware. So to be clear: DO NOT DOWNLOAD BITCOIN KNOTS AND TRUST IT UNTIL THIS IS RESOLVED. If you already did in the last few months, consider shutting that system down for now."
(as for Core, it's unlikely that website is compromised too, but at least verify a different signer on it)
— @LukeDashjr@BitcoinHackers.org on Mastodon (@LukeDashjr) January 2, 2023
As per his Linkedin (3), Luke Dashjr has been working as a Bitcoin Core developer since 2011. It is also said that he has been programming since over 23 years.
CZ of Binance Reacted
Binance CEO Changpeng "CZ" Zhao expressed (3) his regret and offered support. He said the occurrence saddened him. He also emphasized that users need to take responsibility for preventing the theft of their private keys if they choose to self-custody their keys, which presents certain hazards. It was written here:
"Sad to see even an OG #Bitcoin Core Developer lost 200+ BTC ($3.5 million). Self custody have a different set of risks. We will try to monitor and see where we can help."
Sad to see even an OG #Bitcoin Core Developer lost 200+ BTC ($3.5 million). Self custody have a different set of risks.
— CZ 🔶 Binance (@cz_binance) January 1, 2023
We will try to monitor and see where we can help. 🙏 https://t.co/9eGZ7AFgC2
After the failure of FTX a year ago, the concept of self-custody has emerged as a matter of heated discussion, and this occurrence has reignited the discussion once more.
According to Joe Vezzani, CEO of LunarCrush, a platform that offers social listening insights for crypto currency traders, the loss is quite minor compared to the billions of dollars lost to centralized exchanges.
The head of the crypto department said that the overwhelming bulk of self-custody losses is not disclosed. He also stated that not all cryptocurrency exchanges are FTX, and that not everyone in the cryptocurrency industry is dishonorable like the exchange's founder, Sam Bankman-Fried. He said:
"SBF does not equate to all centralized exchanges. Given that Madoff is not representative of other Stock Brokers"
