After a PGP Key Exploit, Bitcoin Developer Luke Dashjr Alleges a Loss of $3.3 Million

Published on:

Last Updated on January 2, 2023 by Bitfinsider

Developer of the Bitcoin core Luke Dashjr alleged that a Pretty Good Privacy (PGP) key compromise led to the hacking of his wallet. On December 31, Dashjr’s wallet made a number of outbound transactions totaling more than 200 BTC, resulting in an estimated loss of assets worth $3.3 million at the time of writing.

Dashjr said in a tweet on Jan. 1: ““My PGP key is compromised, and at least many of my bitcoins stolen,” and added that he had no idea how was it lost. He did not specify how the attackers got hold of his PGP keys.

Source: Twitter

Pretty Good Privacy is a cryptographic method that works via encryption and decryption of data. To prevent unauthorized access or alteration, it can be used to encrypt data that is stored on a server. Notably, PGP keys can be used to validate a particular piece of data, like the validity of a software download.

Many believe that a server Dashjr utilized may have been accessed in order to steal data, including the private keys to his bitcoin wallet. However, the specific nature of the attack has not yet been determined. Dashjr said that his server had been compromised in November.

The Yearn Finance engineer who goes by the alias Banteg suggested on Twitter that the incident might have been a “supply chain attack.” Attacks on the supply chain take place when a hacker accesses a system and alters software by inserting harmful malware. In this instance, it’s conceivable that the hacker used a tainted PGP key to get access to Dashjr’s server and then stole the private key from his hot wallet that was linked to the server. A formal investigation has not yet been conducted to verify this.

There has been a lot of interest in the occurrence. Changpeng Zhao, CEO of Binance, said his staff was keeping an eye on the assets and would freeze them if they were transported to the centralized exchange.

Hardware wallets are safe and secure devices that can be used offline. They keep your cryptocurrency offline, making it impossible for you to be hacked. To find out more on the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.