260 million BTC and BCH are missing, the giant whale suspected to use Blockchain.info service

On February 22, Beijing time, a giant whale named “zhoujianfu” in the forum broke the news that he had just lost 1547 BTC and nearly 60,000 BCH, and is currently worth nearly 260 million yuan. It is reported that the true identity of the giant whale is suspected Founder of Bitcoin Builder, Josh Jones, and one of Mt.Gox's largest creditors.

According to him, the hacker appears to have stolen his cryptocurrency through a SIM card.

As of press time, some of the stolen bitcoins have been split up by hackers in small amounts. According to the monitoring system of Beijing Lianan, these coins have been mixed with small bitcoins transferred from some exchanges.

The coin's founder Pan Zhibiao also confirmed on Weibo about the incident. He also stated:

"Technically speaking, restructuring the double spend is still too late."

4

The so-called restructured double spend refers to a 51% attack on the blockchain, which can be retrieved by rewriting the history of the blockchain. However, this method is extremely controversial.

As early as May 19, the exchange of Binance's bitcoin hot wallet on the exchange had also occurred. At that time, about 7,000 BTC of asset losses were caused. Afterwards, the exchange also hoped to recover the loss by restructuring the double spend method. Bitcoin, however, did not get the consent of such miners because this approach would seriously damage the immutability of the blockchain.

Therefore, pinning hopes on restructuring double flowers is actually not realistic.

Victim suspected of using Blockchain.info service

According to the information available, the giant whale can control the private key by himself (he performed signature verification), and claims to have been attacked by a SIM card. In response, the SlowMist security team analyzed:

"Guessing is that a well-known decentralized wallet service is used, and this decentralized wallet actually needs SIM card authentication, which means that there is a user system that can turn on two-factor authentication of SMS based on SIM card. It's Blockchain.info. "

Netizens of r / Btc Forum also believe that it is likely to use the service of Blockchain.info, and its analysis states:

"He may have used a Blockchain.com wallet because the relevant BCH transaction has 546 Satoshi inputs and outputs."

Another netizen, "Shadowofashadow", confirmed that the giant whale was also a victim of Mt.GOX. It did use the Blockchain.info wallet and had at most 10,000 BTC in the wallet.

WechatIMG18

How to prevent SIM card attacks against large cryptocurrency players?

In fact, SIM card attacks are a very common type of attack. The target of this type of attack is usually a celebrity with a precious social media account or a whale with a large amount of decentralized assets.

The target of the attack, Josh Jones, belongs to the latter, and he belongs to a very high-profile type. The signature claims to be a billionaire.

In June 19, Sean Coonce, Bitgo's engineering director, also exposed himself to a SIM card attack, and was stolen by a hacker for $ 100,000 worth of cryptocurrency. He suggested that after review:

"1. Use a hardware wallet to protect your cryptocurrency: If you are not transacting at any time, save your cryptocurrency in a hardware wallet / offline wallet / multi-signature wallet, instead of leaving funds idle in the trading platform .

2. The secondary verification based on mobile phone SMS service is not secure enough: whether you want to protect online assets or online identity, please use some hardware equipment to enhance protection measures. In this way, in order to carry out the attack, the attacker must get your equipment to store cryptocurrencies in real life.

3. Reduce your online traces: Suppress your urge to share personally identifiable information online (for example, your date of birth, address, pictures with geographic information, etc.). In the event of an attack, all such publicly available data is likely to be used as a tool to launch an attack.

4. Google's voice secondary authentication: In some cases, online services do not support hardware-based secondary authentication (they rely on weaker SMS service secondary authentication). At this time, you'd better create a Google Voice phone number (it cannot be transferred via SIM card) and use Google Voice Phone as your secondary verification tool.

4. Create another email address: Don't bind everything to the same email address. Create another email address for some very important online identities (such as bank accounts, social media accounts, cryptocurrency trading platforms, etc.). This email address must be kept secret. Do not use it for any other content. Use hardware-based secondary authentication to enhance the security of this email address.

5. Offline password manager: Use the password manager to enter the password. It is best to use an offline password manager, such as Password Store (a software for managing passwords).

"

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

Bloomberg: The currency stability exchange's own stable currency will be issued in "weeks to one or two months"

According to Bloomberg News, Wei Zhou, chief financial officer of Binance, the main cryptocurrency exchange, said in ...

Web3

Uniswap, the most successful American Internet Fintech company benefitting from the Web3 dividend.

Ultimately, it is the users who end up paying for faith. However, there is also this saying the most imaginative asse...

Blockchain

Hong Kong Cryptocurrency New Policy's One-Year Anniversary A Year of Major Leaps and Key Milestone Review

Over the past year, Hong Kong has made great progress and shown strategic development in virtual asset policies. Sinc...

Policy

Crypto Exchange FTX to Sell Trust Assets: Debtors Making a Desperate Cash Grab!

The debtors have suggested forming a pricing committee that includes representation from all stakeholders in addition...

Blockchain

Is an exchange losing $ 250 million in cryptocurrencies a Ponzi scheme: Quadriga Bizarre Story

Written by: Nathaniel Rich Translator: Zhan Juan Illustrator: Bianca Bagnarelli Original article published in Vanity ...

Bitcoin

OKX will launch a signal strategy and has now opened a signal provider recruitment.

The signal strategy function is expected to be officially launched in August to September 2023. This function will al...