I just lost 1,400 BTC (opens in new tab)

(github.com)

146 pointsagirgelen5y ago157 comments

157 comments

nemothekid5y ago

As far as I can understand

1. The user had 1,400 BTC in an old wallet using this software

2. An old version of the software was vulnerable to phishing

3. The user attempted to use the software, and was phished

4. Massive payday for the scammers

Really unfortunate - and goes to show with software you manage yourself you need to be diligent about making sure it's updated. For all the shit coinbase gets, it's difficult to lose your coins in this manner.

brianwawok5y ago

Also, I think it's just the reason that crypto-currency will fail.

If you trick me into an ACH transfer of 16 million, there will

a) Trigger some random human based audits at my bank before the money can leave (likely involve some phone calls)

b) Have actual recourse, like court orders to hold the funds at the other bank

c) Take some amount of time to happen, to allow for A & B

It's not perfect, and it has bugs.. but I would never store actual money of value in crypto anything.

pvg5y ago

If you trick me into an ACH transfer of 16 million, there will

Fun recent case - Citibank claims they fatfingered $900 million over:

https://www.bloomberg.com/opinion/articles/2020-08-25/citigr...

And they're having some trouble getting all of it back although the commentaries suggest that they (eventually) will.

1 more reply

BTCOG5y ago

Naysayers consistently say that "It will fail," without realizing the chain continues to work regardless of your faith or mainstream uses. It works, it will continue to work. It works via satellite and radio. It's unstoppable like BitTorrent. It is decentralized. Faith or not, Bitcoin is not going to fail and it works perfectly as intended.

lgregg5y ago

This is exactly the reason why I don’t use crypto currencies.

swyx5y ago

unless a bank wouldnt serve you, like for sizable parts of the economy.

3 more replies

eastbayjake5y ago

It was my understanding that the user had installed a version of the Electrum wallet that was not from the official source at electrum.org. (But agree - it was really difficult to identify the core issue from this string of GitHub comments.)

crtasm5y ago

They were running an old official version which has a serious issue allowing the full node servers it connects to to pop up a message. e.g. "You need to upgrade - click here" - that led to the malware.

1 more reply

Ansil8495y ago

> For all the shit coinbase gets, it's difficult to lose your coins in this manner.

Aside from U2F, Coinbase offers TOTP and SMS-based 2FA, both of which are vulnerable to phishing. So no, Coinbase is not immune to losing coins in this manner. If Coinbase wanted to prevent being vulnerable to phishing they would i) only allow U2F 2FA, and ii) make U2F mandatory for all accounts.

nemothekid5y ago

1. AFACT the user was phished in a manner that was specific to this platform. It's not really comparable to clicking a nasty link in an email. Whether you chose to use U2F or TOTP, the risks is upfront. The user in this case was running official software - there was no URL to check.

2. The vector of the attack isn't important. The user ultimately lost his coins because he wasn't running the latest version of the software. He could have have easily lost his shirt from an RCE. That is much more difficult on a managed SaaS platform.

nodesocket5y ago

How do we confirm this actually happened? Perhaps I am being cynical, but people have been know to embellish and lie on the internet before? Shouldn't we be able to follow these funds on the ledger?

Hackbraten5y ago

https://news.ycombinator.com/item?id=24334393

arcticbull5y ago

Ah I remember when my bank app had a bug and someone stole $15 million dollars from me then when I asked for help they said not your keys not your dollars. Such is life!

ztratar5y ago

Many folks shit on the modern financial system, with its centralization and Government-coupling, but things like this are actually trackable and reversible in that ecosystem. The safeguards have evolved over centuries.

I am curious when crypto will get there. Maybe 10 years or so?

seibelj5y ago

98% of HN except for a vocal, small minority ever says anything positive about crypto or blockchain. The vast majority appreciate the benefits of the state apparatus being the conduit for financial services. So you posting this is not a surprising nor unique idea, you are representing 98% of HN commenters.

bdcravens5y ago

I'd say 98% of the population. There's a very small percentage of the population that even understands what fiat is, and what problems cryptocurrency solves.

For that matter, a sizable percentage of cryptocurrency advocates either don't know or care either; their only concern is how much fiat they can trade cryptocurrency for.

zajio1am5y ago

> but things like this are actually trackable and reversible in that ecosystem

I do not know about US, but in EU bank transfers are generally not reversible (except forced by courts). If you send money to wrong bank number, you cannot cancel the transaction in bank, you need to ask the owner of that account to send them back.

Compared to BTC, there are two differences - it is possible to identify an account holder and justice system can effectively force bank transfers.

knorker5y ago

It's not THAT hard to reverse transactions between EU banks.

E.g. when that pirate bay founder hacked a bank's mainframe and transferred money out internationally the banks sorted it out, sending it back, without a court.

Maybe you're thinking something specific about "reversing a transaction", but the main point here is that yes if needed a court can just make that reversing happen. Not the case for cryptocurrency. And no matter what the coiners say, irreversibility is very much a bug that society doesn't want.

rabidrat5y ago

It is impossible by design. Adding that 'feature' takes away the core principle of decentralized currency. Allowing government to reverse transactions will also allow them to seize assets. Then it is just a regular currency (for better and worse).

nyghtly5y ago

It becomes a regular currency... that consumes huge amounts of electricity for no reason whatsoever.

https://www.vox.com/2019/6/18/18642645/bitcoin-energy-price-...

Scoundreller5y ago

Didn’t ethereum fork to rollback a hack they didn’t like?

1 more reply

ballenf5y ago

Wire transfers are not reversible after about an hour - as I mentioned the other day a good friend lost a house down payment due to fraud.

But I generally agree with the advice that the service banks and fiat currency provide is probably worth the cost for almost everyone.

iJohnDoe5y ago

Could you share some general details about the friend that lost their down payment?

I’ve heard of this happening to others and have argued that the money is lost and cannot be recovered. People think it’s crazy the money is lost and cannot be recovered. From what I’ve heard it cannot be recovered.

Is your friend able to recover the funds?

How did it happen? Did the instructions for transfer get altered by someone?

Thanks.

1 more reply

gota5y ago

Honestly would like to know how you see it would "get there". In my mind, the 'fiat' part of 'fiat currency' and government-coupling are what gives the financial system the safeguards, so...?

I mean, it is always the state, if you follow the string to the end, that oversees and enforce compensation, rollback and error correction.

What kind of fully-distributed non-autoritative algorithm can do that?

mianos5y ago

While this is largely true, it is pretty common for large amounts of money to be irreversibly lost in an untraceable manner. Wirecard comes to mind this week but a simple search for 'financial fraud' will bring up typical losses much larger this guys lost 14k BTC at least once a month.

bdcravens5y ago

Cash transactions aren't reversible or easily tracked.

knorker5y ago

Which is why it's not used for important purchases. Except illegal ones.

1 more reply

Barrin925y ago

the only way to get there is by reinventing the dreaded middlemen of governance, regulation and insurance that they attempted to replace, with the added feature of having produced a currency that burns the energy equivalent of a middle sized nation

moltar5y ago

Tell that to North Koreans.

https://www.nytimes.com/interactive/2018/05/03/magazine/mone...

abakker5y ago

probably never, honestly. Many people still feel that the guard rails are bugs, not features and imagine that things like this will never happen.

tutfbhuf5y ago

It should be somehow made possible to reverse transactions (like theft) with some sort of distributed consensus.

knorker5y ago

They first have to understand that reversibility is a feature. One of their core beliefs is that's it's a bug.

Canada5y ago

I can't believe someone would even allow a system with that balance to even connect to the internet. It's like filling a car with gold bars, driving it around town, and hoping nothing bad happens. He could have created another wallet, preferably a multisig, created the transaction with the software wallet offline, copied the signed transaction off and broadcast it from another system.

What he did was reckless. Some people are going cry that Bitcoin is unsafe because of this. It's not. You must handle large amounts of cash or gold or other valuables with care.

herpderperator5y ago

Bitcoin is all online. The analogy doesn't work: your gold bars are being driven around town all day and night in public view, already.

In this case, it's just the fact that the access was granted at the application level when the user logged into their wallet, which is like giving someone keys to your car by mistake.

jkepler5y ago

No. One can store keys offline. That's what hardware wallets do.

1 more reply

coronadisaster5y ago

You have to keep them in an encrypted container.... Then you can email a backup to yourself

captn3m05y ago

From looking at the transaction history, looks like it was an actively used account, even.

addcninblue5y ago

This looks like the relevant transaction: https://www.blockchain.com/btc/tx/ef600c380a239d9b929c6c964d...

Xcelerate5y ago

If I had that much in an old wallet, no way would I touch that myself or allow it anywhere near the internet. I would hire a team of experts and get the transaction over to my bank insured.

herpderperator5y ago

Do any big banks offer a BTC account?

vmception5y ago

Its kind of crazy that the phishing attack people are still operating those servers for all these years! But since they pay for themselves no reason to turn them off.

The knowledge gulf is so wide in cryptocurrency that schemes are resurrectable every bull market

Like, some people will use this to reinforce their juvenile binary argument about why “crypto bad”, and then they enter next bull market after someone they respect shows them something they didn't consider. But then they are still a decade late in knowledge while chasing every new shiny thing. If people want to learn its there, permissionless, lucrative.

willemlabu5y ago

Here [1] is the explanation:

    I had 1,400 BTC in a wallet that I had not accessed since 2017. I foolishly installed the old version of the electrum wallet. My coins propagated. I attempted to transfer about 1 BTC however was unable to proceed. A pop-up displayed stating I was required to update my security prior to being able to transfer funds.
    
    I installed the update which immediately triggered the transfer of my entire balance to a scammers address.

[1] https://github.com/spesmilo/electrum/issues/5072#issuecommen...

pkrefta5y ago

With big money comes big responsibility. Storing $16M should be taken very seriously and probably most people have no clue about that.

bpodgursky5y ago

I think the point is that you can store $16M in a bank and take need to take no precautions against casual theft (and often can recover the money via person-to-person interactions, if theft does occur).

thebean115y ago

I completely disagree, only the first $250k is insured. I would never store $16M cash in a bank. You aren't protected against the bank becoming insolvent.

2 more replies

Canada5y ago

I keep hearing that, and yet see mailbox hacks where the attacker tells accounts payable to update the payee's account and the money goes bye bye. Seems to turn into an insurance matter. I'm not sure why, but apparently just getting the bank to get the money back isn't so simple. Nobody talks about it in public. Haven't personally seen 8 figure amounts, but have seen amounts around a million dollars.

brutuscat5y ago

Until you can't https://en.wikipedia.org/wiki/Corralito

sjs70075y ago

I have more faith in the banking system but even there it can get tricky: https://news.ycombinator.com/item?id=24222045.

chipgap985y ago

To store $16M you definitely need to take precautions. Someone could steal your identity or compromise your account. It seems like different vulnerabilities rather than one that only exists for crypto.

1 more reply

paulcole5y ago

Yeah that's because it's a bank not a pseudo-facsimile of a bank.

abfan11275y ago

is it fair to say he could put that $16M in a digital equivalent of his mattress? Had he placed in a reputable exchange, or spread the coins across multiple exchanges, he would have been safer?

notRobot5y ago

Stuff like this is why you shouldn't use a lightweight wallet and should use the official wallet, or at least host a full node.

Lightweight nodes: https://en.bitcoin.it/wiki/Lightweight_node

qwertox5y ago

What about an hardware wallet like Ledger?

notRobot5y ago

I would simply recommend hosting a full node and using the latest release of the official Bitcoin Core wallet.

Hardware wallets are relatively new and uncommon, so not much is known about their security risks. That said, there are no glaring, obvious issues and you could use one if you want.

Read: https://en.bitcoin.it/wiki/Hardware_wallet#Security_risks

As always, do not take advice from strangers on the internet about storing your crypto without doing extensive research on your own. The Bitcoin wiki is a great starting point: https://en.bitcoin.it/

1 more reply

kutorio5y ago

I'm not an expert in BTC storage, but as far as I understand such an attack could have been prevented if the owner invested in a hardware wallet for $100-200. As the final step in a transaction would be to sign it on your ledger/trezor device, and would be much harder to phish.

AgentME5y ago

This was my first thought too. Hardware wallets show transactions on their own screen so the amount and destination address can be confirmed on-device before the device signs the transaction, which seems like a great tool to avoid this kind of issue. Anyone that owns more cryptocurrency than a hardware wallet costs really needs to have a hardware wallet.

btilly5y ago

Reading these threads I always have to wonder.

Is the report of being scammed a scammer trying to make extra money on a sale? How would anyone know?

GaryNumanVevo5y ago

Bitcoin being a public ledger, it's fairly easy to see if 1,400 BTC was moved recently: https://www.blockchain.com/btc/tx/ef600c380a239d9b929c6c964d...

I mean they definitely could have seen that transaction and just acted like it was their stolen money.

iJohnDoe5y ago

Serious question. Not trolling.

Would it have been possible to exchange that much BTC for US dollars? Ignoring taxes for a few seconds. Would it have actually been possible to get real fiat money for the 1,400 BTC?

I’ve always heard of complete incompetence trying to get an account set up on any exchange. Getting verified, etc.

noxer5y ago

If he acquired them legal of course he can sell them an get fiat withdrawn to his bank, assuming hes not in a place where bitcoin is illegal. Doing this all at once without informing your bank will probably instantly freeze the funds and trigger some kind of investigation. That doesn't mean you eventually get access to it. Also there are exchanges withdraw limits so its not on your bank account in 1-2 working days. If you want to sell all at once and withdraw you would have to register on different exchanges to circumvent daily limits and do the KCY which that can take days to get verified.

phedboi5y ago

Why would someone holding 1400 BTC use a software wallet instead of an offline hardware wallet? SMH

spurgu5y ago

Yeah this is what blows my mind. I would be paranoid if I had 14 BTC, let alone 1400. When I had (as much as) 19 BTC some while ago I stored them on a Trezor, with the seed on a paper (three copies in different places) in a form that no one would realize it actually was a seed.

herpderperator5y ago

Be careful... sometimes we end up making things so complicated that we forget how it works. Think why comments are so crucial after looking at your own code from a year ago and having no clue what you meant. :-)

jkepler5y ago

Even a single hardware wallet would have been risky - loss or damage, or theft. For high values, set up multi signature hardware wallets, at least a 2 of 3 scheme, each stored in different geographic locations.

phedboi5y ago

That's overly complicated. A single hardware wallet in a fire proof safe or a safe deposit box in a bank vault is sufficient for this use case. If a hardware wallet were stolen, the thief would still have to guess the password. q.v. https://xkcd.com/538

1 more reply

gota5y ago

I've said this time and time again: 'be your own bank' is a terrible design error, not a feature, for 99.99% of users.

This guy is most likely somewhat technically literate, and this happened to him.

rjkennedy985y ago

There is no mandate in Bitcoin to 'be your own bank' - its just an option. It is a feature and a very good one for people who are afraid of government intrusion into how they use their money. If you don't care about this "feature" you can turn it off by putting your crypto in Coinbase or other exchanges where it will be insured.

nyghtly5y ago

> Satoshi Nakamoto stated in his white paper that: "The root problem with conventional currencies is all the trust that's required to make it work. The central bank must be trusted not to debase the currency, but the history of fiat currencies is full of breaches of that trust."

https://en.wikipedia.org/wiki/Bitcoin

It's clear that the purpose of Bitcoin is to replace existing banking institutions by providing a trust-less alternative. This means that using an exchange to store Bitcoin is essentially useless. If your purpose is to protect your money by handing it over to a trusted institution, then you're better off putting it into a bank that's FDIC insured.

Of course, the real reason that people store their Bitcoin on Coinbase is so that they can easily profit from speculation by exchanging their coin for USD.

2 more replies

RcouF1uZ4gsC5y ago

This feature is the whole point of Bitcoin and blockchain in general. If we just wanted to be able to have balances in banks, the current banking system does it far cheaper with a lot more legal protections.

BTCOG5y ago

This is untrue. The entire design of Bitcoin was never to have exchanges, to entirely be your own money's keeper. You would have to actually read the whitepaper, have talked to Satoshi and Hal Finney and paid attention to it's purpose. What you said was an opinion. Not your code/node instance, not your keys, not your money. Bitcoin was not designed to custody your money to a bank, it was designed __against__ doing just that. It is very unfortunate when something like this happens but it's very foolish to have more than 1-2 BTC in one privatekey. This guy should've gone through the painstaking process of putting one BTC, or even less, into 1400 privatekeys and new cold wallets.

_y5hn5y ago

Users may use one of the many wallets that suddenly vanishes, along with the bits. Neither online or offline is very secure, from bitrot, hackers and viruses. So no.

tim3335y ago

>all digital currency that Coinbase holds online is insured. ...

>Coinbase holds less than 2% of customer funds online

So you're not really insured against some human getting the offline key https://help.coinbase.com/en/coinbase/other-topics/legal-pol...

stnmtn5y ago

Was Mt Gox insured? Why should I trust anything after that?

1 more reply

mcv5y ago

The problem with such a new, unproven, and completely unregulated system, many alternatives to 'be your own bank' are also not good options. Plenty of exchanges have lost a lot of people's money. It's hard to tell which wallet or exchange is reliable and which isn't. Instead of trusting a system that's tightly regulated in order to protect people's money, you're expected to trust a system that's completely unregulated, that's filled with crooks and cowboys and idiots who keep creatively or accidentally figuring out new ways to lose your money.

It's a good example of why regulation is necessary in banking.

1 more reply

seotut25y ago

> somewhat technically literate

But doesn't know what IRC or freenode is, as illustrated by a comment in that thread.

throwaway432345y ago

Is that really your bar for being "somewhat technically literate"? Being familiar with decentralized chat protocols and services? What a world...

2 more replies

ConsiderCrying5y ago

There's a reason why any site dealing with crypto has a dozen labels begging people to double-check addresses, divulge no information to strangers, don't trust anyone, etc. However, warning labels come on any product and people still manage to misuse them. No matter how many labels you plaster about being more careful with bitcoin, people will keep losing it to things like this.

ykevinator5y ago

Yeah agreed. If everyone was a developer and a security expert, Bitcoin is great, but instead its a massive hobby that has serious risk like what happened to this poor guy.

ed25519FUUU5y ago

The virtues people often use for crypto (trustless, irreversible, untraceable) are almost always user-hostile. Banks aren’t great, but at least it’s harder to phish $16million.

simonblack5y ago

If you can't hold it in your hot little hand, it does not exist. This also applies to your money and other valuables held by third parties such as Banks or Trusts, or wealth stored as numbers in a computer.

Unless you hold and control it personally, it's not yours at all.

While it's definitely convenient in good times for your wealth storage to be in the hands of others, you're completely dependent on the goodwill of those others. In bad or difficult times, you're not going to keep that wealth for very long.

EForEndeavour5y ago

Pointing out that you don't technically own the money in your conventional bank's chequing account is a mere distraction from the fact that in the real world, it's easier to permanently lose access to your cryptocurrency than it is to permanently lose access to your bank account.

echopom5y ago

This is fascinating.

Honestly , while I found BlockChain & Immutable Ledger disruptive technology , I have zero trust in cryptos.

The amount of scam in this industry is just obscene, unlike banking , there is no such thing as insurance for your wallet or legal recourse to get back your assets, your pretty much on your own and I'm fairly convinced he won't get back his 1.5M$ Bitcoin .

I feel bad for him , but there is very little surprise playing with unregulated stuff.

vmception5y ago

There is a lot more scamming in those legal recourse systems, they have the benefit of not being masqueraded as international news every time!

The user experience where you personally still have your money might be something you like.

Also it was $16m bitcoin

ur-whale5y ago

Reading this, I feel compelled to repost this old but still largely relevant blogpost:

http://trilema.com/2013/the-story-of-pointless-and-witless/

kobasa5y ago

It's not crypto-currencies and it's not crypto currencies. It's simply cryptocurrencies. At least learn to spell the word correctly before giving your absolutely ignorant opinion on it.

CameronBanga5y ago

Given that the first post in tracker mentions "0,09", I think the comment here may actually be using a Euro standard decimal notation.

So the author may have lost 1.4 BTC, or ~16k. Still a loss, but not 16m.

spurgu5y ago

Nope: https://www.blockchain.com/btc/address/bc1qcygs9dl4pqw6atc4y...

Address mentioned here: https://github.com/spesmilo/electrum/issues/5072#issuecommen...

asdz5y ago

That's why getting a hardware wallet is important!!! The guy have 17 million USD and don't even bother to heighten up the security.

xwdv5y ago

Fools and their bitcoin are easily parted. Perhaps this man has lost his only chance at possessing millions. What an expensive lesson.

rtx5y ago

This is why we need, order > Community > Society > Government > Banks

We are at the community stage with crypto.

gchamonlive5y ago

This structure is just one form of security implementation and not flawless at that, and I would dare say biased towards the richer parties.

Scams, in and outside of banks happen really frequently, so turning to traditional structures of control just because new ones failed at some point is defeatist. We can have nice things, but they need time to evolve properly.

rtx5y ago

Don't disagree, always happy to see the alternative. Another one that we had earlier in India was Rta (natural order) > Rna (debt on non conformist) > Karma > Gods.

But as we understood the world better, this one went out of fashion

knorker5y ago

The whole point of cryptocurrency on is that they don't believe in ANY of those institutions.

rtx5y ago

Maybe in the beginning, it looks like gold rush now.

1 more reply

reportgunner5y ago

This story is kinda like:

"I got pickpocketed once and lost all my cash. This means that cash is inherently unsafe and should not be used by anyone ever."

knorker5y ago

No, more like "I got pickpocketed of all my life savings, therefore maybe I shouldn't walk around with my life savings in my back pocket".

illgenr5y ago

The negative comments on HN about crypto give me confidence RE: it's eventual success in dethroning fiat currency.

ncmncm5y ago

And somebody gained 1400 BTC.

krapp5y ago

Caveat fucking emptor.

j / k navigate · click thread line to collapse

157 comments

nemothekid5y ago

As far as I can understand

1. The user had 1,400 BTC in an old wallet using this software

2. An old version of the software was vulnerable to phishing

3. The user attempted to use the software, and was phished

4. Massive payday for the scammers

brianwawok5y ago

Also, I think it's just the reason that crypto-currency will fail.

If you trick me into an ACH transfer of 16 million, there will

a) Trigger some random human based audits at my bank before the money can leave (likely involve some phone calls)

b) Have actual recourse, like court orders to hold the funds at the other bank

c) Take some amount of time to happen, to allow for A & B

It's not perfect, and it has bugs.. but I would never store actual money of value in crypto anything.

pvg5y ago

If you trick me into an ACH transfer of 16 million, there will

Fun recent case - Citibank claims they fatfingered $900 million over:

https://www.bloomberg.com/opinion/articles/2020-08-25/citigr...

And they're having some trouble getting all of it back although the commentaries suggest that they (eventually) will.

1 more reply

BTCOG5y ago

lgregg5y ago

This is exactly the reason why I don’t use crypto currencies.

swyx5y ago

unless a bank wouldnt serve you, like for sizable parts of the economy.

3 more replies

eastbayjake5y ago

crtasm5y ago

1 more reply

Ansil8495y ago

> For all the shit coinbase gets, it's difficult to lose your coins in this manner.

nemothekid5y ago

nodesocket5y ago

How do we confirm this actually happened? Perhaps I am being cynical, but people have been know to embellish and lie on the internet before? Shouldn't we be able to follow these funds on the ledger?

Hackbraten5y ago

https://news.ycombinator.com/item?id=24334393

arcticbull5y ago

Ah I remember when my bank app had a bug and someone stole $15 million dollars from me then when I asked for help they said not your keys not your dollars. Such is life!

ztratar5y ago

I am curious when crypto will get there. Maybe 10 years or so?

seibelj5y ago

bdcravens5y ago

I'd say 98% of the population. There's a very small percentage of the population that even understands what fiat is, and what problems cryptocurrency solves.

For that matter, a sizable percentage of cryptocurrency advocates either don't know or care either; their only concern is how much fiat they can trade cryptocurrency for.

zajio1am5y ago

> but things like this are actually trackable and reversible in that ecosystem

Compared to BTC, there are two differences - it is possible to identify an account holder and justice system can effectively force bank transfers.

knorker5y ago

It's not THAT hard to reverse transactions between EU banks.

E.g. when that pirate bay founder hacked a bank's mainframe and transferred money out internationally the banks sorted it out, sending it back, without a court.

rabidrat5y ago

nyghtly5y ago

It becomes a regular currency... that consumes huge amounts of electricity for no reason whatsoever.

https://www.vox.com/2019/6/18/18642645/bitcoin-energy-price-...

Scoundreller5y ago

Didn’t ethereum fork to rollback a hack they didn’t like?

1 more reply

ballenf5y ago

Wire transfers are not reversible after about an hour - as I mentioned the other day a good friend lost a house down payment due to fraud.

But I generally agree with the advice that the service banks and fiat currency provide is probably worth the cost for almost everyone.

iJohnDoe5y ago

Could you share some general details about the friend that lost their down payment?

Is your friend able to recover the funds?

How did it happen? Did the instructions for transfer get altered by someone?

Thanks.

1 more reply

gota5y ago

Honestly would like to know how you see it would "get there". In my mind, the 'fiat' part of 'fiat currency' and government-coupling are what gives the financial system the safeguards, so...?

I mean, it is always the state, if you follow the string to the end, that oversees and enforce compensation, rollback and error correction.

What kind of fully-distributed non-autoritative algorithm can do that?

mianos5y ago

bdcravens5y ago

Cash transactions aren't reversible or easily tracked.

knorker5y ago

Which is why it's not used for important purchases. Except illegal ones.

1 more reply

Barrin925y ago

moltar5y ago

Tell that to North Koreans.

https://www.nytimes.com/interactive/2018/05/03/magazine/mone...

abakker5y ago

probably never, honestly. Many people still feel that the guard rails are bugs, not features and imagine that things like this will never happen.

tutfbhuf5y ago

It should be somehow made possible to reverse transactions (like theft) with some sort of distributed consensus.

knorker5y ago

They first have to understand that reversibility is a feature. One of their core beliefs is that's it's a bug.

Canada5y ago

What he did was reckless. Some people are going cry that Bitcoin is unsafe because of this. It's not. You must handle large amounts of cash or gold or other valuables with care.

herpderperator5y ago

Bitcoin is all online. The analogy doesn't work: your gold bars are being driven around town all day and night in public view, already.

In this case, it's just the fact that the access was granted at the application level when the user logged into their wallet, which is like giving someone keys to your car by mistake.

jkepler5y ago

No. One can store keys offline. That's what hardware wallets do.

1 more reply

coronadisaster5y ago

You have to keep them in an encrypted container.... Then you can email a backup to yourself

captn3m05y ago

From looking at the transaction history, looks like it was an actively used account, even.

addcninblue5y ago

This looks like the relevant transaction: https://www.blockchain.com/btc/tx/ef600c380a239d9b929c6c964d...

Xcelerate5y ago

If I had that much in an old wallet, no way would I touch that myself or allow it anywhere near the internet. I would hire a team of experts and get the transaction over to my bank insured.

herpderperator5y ago

Do any big banks offer a BTC account?

vmception5y ago

Its kind of crazy that the phishing attack people are still operating those servers for all these years! But since they pay for themselves no reason to turn them off.

The knowledge gulf is so wide in cryptocurrency that schemes are resurrectable every bull market

willemlabu5y ago

Here [1] is the explanation:

    I had 1,400 BTC in a wallet that I had not accessed since 2017. I foolishly installed the old version of the electrum wallet. My coins propagated. I attempted to transfer about 1 BTC however was unable to proceed. A pop-up displayed stating I was required to update my security prior to being able to transfer funds.
    
    I installed the update which immediately triggered the transfer of my entire balance to a scammers address.

[1] https://github.com/spesmilo/electrum/issues/5072#issuecommen...

pkrefta5y ago

With big money comes big responsibility. Storing $16M should be taken very seriously and probably most people have no clue about that.

bpodgursky5y ago

thebean115y ago

I completely disagree, only the first $250k is insured. I would never store $16M cash in a bank. You aren't protected against the bank becoming insolvent.

2 more replies

Canada5y ago

brutuscat5y ago

Until you can't https://en.wikipedia.org/wiki/Corralito

sjs70075y ago

I have more faith in the banking system but even there it can get tricky: https://news.ycombinator.com/item?id=24222045.

chipgap985y ago

1 more reply

paulcole5y ago

Yeah that's because it's a bank not a pseudo-facsimile of a bank.

abfan11275y ago

is it fair to say he could put that $16M in a digital equivalent of his mattress? Had he placed in a reputable exchange, or spread the coins across multiple exchanges, he would have been safer?

notRobot5y ago

Stuff like this is why you shouldn't use a lightweight wallet and should use the official wallet, or at least host a full node.