The world of crypto trading and investing can still be a minefield to the uninitiated. Stories of hacks and scams are still commonplace affecting both individuals and huge companies. Some sensible security precautions are necessary in this digital age as one BBC journalist found out the hard way.
$30,000 Ethereum Stash Pilfered
In a self-confession styled report on the BBC website today, technology of business reporter Monty Munford has revealed how he lost his crypto stash through a seemingly innocent mistake. The tone is clearly one of disdain for the industry, which he describes as a ‘murky world’, following the theft of £25,000 of cryptocurrency from his wallet.
Munford begins by detailing how he got into crypto, describing himself as a ‘lunchtime-adopter’. According to the report, he invested in mid-2017 and selected Ethereum ‘figuring that it was a long-term plan and might even become a nest egg for a pension.’ Earlier he said he hoped it would emulate bitcoin’s meteoric rise which hadn’t occurred yet so something in the time line does not add up, maybe it was 2018.
Describing the experience as ‘utterly terrifying’ he added that he opted for an online wallet as opposed to a crypto exchange for fear of hacks and security breaches. Selecting MyEtherWallet, he now had both public and private keys to the ETH stash. He was aware that the private key needed to be stored securely but then came the screw up:
So I printed it out, but also made the fateful decision to store it in my Gmail drafts, so I could copy and paste it when I needed to make a transaction rather than laboriously typing it out each time.
Putting a private crypto key onto Google’s email servers, or any third party free email service, is akin to leaving a real key in a car, with the engine on, and not expecting someone to drive off with it.
Munford only realized the mistake when he tried to access the wallet at a later date after it had been cleared out. There is very little recourse with crypto and unfortunately he found out the hard way since MEW accesses the tokens directly from the blockchain. In hindsight it would have been safer to use an exchange, many of which now have dedicated funds to cover cyber theft from their hot wallets.
BBC Journo Funds Still Missing
His research into the crime led him to Binance wallets which were used to bounce the stolen loot to other wallets. The world’s top exchange did not respond fast and proved uncooperative until official crime numbers and reports were obtained. Feeling despondent, he then contacted US bounty-hunters CipherBlade who work with the FBI to track down cyber criminals.
A little more information on the theft was revealed but chances of getting the lost Ether back were slim. Social engineering or a phishing scam may have been used to access the Gmail account, or malware may have tagged the keystrokes or copy/paste actions. Either way, this crypto investor won’t be back, labelling the scene as a ‘savage bazaar where criminals can pick your pocket at will’.
The report, while laced with bitterness and blame over the entire experience, is a stark warning about the importance of protecting your private keys and not relying on third party email providers to do it for you.
How do you think Monty should have handled his crypto? Add your thoughts in the comment section below!
Images via Shutterstock