Hacker News new | past | comments | ask | show | jobs | submit login
Hamilton teen embroiled in FBI probe, fingered in $46M cryptocurrency theft (thespec.com)
126 points by x1ph0z 5 months ago | hide | past | favorite | 178 comments

This is a fine example why nobody should rely on SMS "2FA" for anything.

SMS "2FA" is not actual 2FA

SS7/PSTN are horribly broken. People need to stop using them entirely, whenever possible, and stick to that as a firm principle. For the same reason why scam calls and fake caller ID are epidemic. Just disregard the existence of the PSTN, even if your phone has a DID, never give it to anyone or use it for anything. I say this as someone who's worked in telecom for 20 years.

Social engineering mobile phone operator customer service departments to execute a SIM swap attack is trivially easy if you already possess some basic personal info about the target.

You should never rely on having something important that's only protected behind a SMS-based password reset/login authentication module.

People love to say this, and while I agree with the general gist, there are a couple problems with this statement:

1. For large swaths of the population, hardware key-based 2FA or TOTP-based 2FA are too difficult to use, and they can also be more difficult to remediate if the user loses the hardware key or TOTP secret.

2. SMS 2FA is much better than nothing for most people. The bigger problem is when SMS can be used as just a single factor in account recovery scenarios.

3. There is a push to make telecoms more responsible for sim-swapping fraud: https://krebsonsecurity.com/2021/10/fcc-proposal-targets-sim...

> 1. For large swaths of the population, hardware key-based 2FA or TOTP-based 2FA are too difficult to use, and they can also be more difficult to remediate if the user loses the hardware key or TOTP secret.

This doesn't mean software providers should not offer the ability to use TOTP instead of SMS. This irritates me to no end when applications force me to establish MFA using SMS before I can also establish TOTP.

And sometimes no way to remove the sms ability to reset an account credentials for login even after totp is set up.

These same people who can’t handle pasting a 6 letter code from an app are also driving multi-ton vehicles on the freeway, one muscle twitch away from massive casualties. Scary. You don’t think that maybe they can learn?

I use Google Authenticator TOTP/HOTP. But when I first started using it, and was switching to a new phone, I learned the hard way that the keys had not been included in my backups. Sorting that out was a royal pain in the butt. Since then I have started ensuring that I have the keys backed up properly. But it’s one of those things that you might not realize until it happens. And it’s why even though I like to use it, I’d still be unlikely to recommend even to my family that they use proper 2FA instead of SMS based ones. Lest they end up permanently locked out of their accounts.

I switched to BitWarden for my ToTP needs and wouldn't go back. Having everything to hand, both on my phone and in my browser, saves so much time.

I keep BitWarden safe with a YubiKey.

Surprisingly it’s usually banking and investment company’s that require SMS based MFA. Including my main 401k brokerage.

In those cases I keep a google voice number. It’s also the same number I use to give to anyone/any company and it’s just on do not disturb 24/7. If I need to deal with a company on that number I just turn off DND. This practice of never giving out my actual number has drastically decreased the number of “car warranty” trash calls to my actual phone. They all go to that and generally a message is never left, and the phone doesn’t ring. Sometimes I get a voicemail of 3 seconds of dead air but that’s it.

I know a lot of people de-google but my thought is this isn’t a normal PSTN endpoint, and it’s not nearly as easy to sim swap, if not impossible but still works as a second factor. And I’m not aware of another service that can do it better and like it or not, google is a big target so I trust their auth over some other fly by night competitor.

My strategy for people that need to reach me by voice involves a one step IVR on my own asterisk system. This IVR is linked to a DID that I give out for this purpose. It answers and has a voice greeting prompt that says something like "press five zero zero to be connected". If someone does that, x500 initiates a new outbound call to my actual number, preserving the calling party's caller ID.

This cuts down on 99% of your car's extended warranty and IRS scam calls.

>If someone does that, x500 initiates a new outbound call to my actual number, preserving the calling party's caller ID.

Which provider allows this? Won't stir/shaken authentication requirements break it in a few years?

I am my own provider: incoming DIDs reside with a wholesale SIP trunking service. Outgoing SIP with the same provider, usually, though I have multiple possible routes. The asterisk system, I run myself. My outgoing caller ID (and my carrier's links to its upstreams such as bandwidth.com) are SHAKEN/STIR compliant.

This sounds fascinating and also completely over my head in terms of possibilities… is there a basic “getting started guide” you would recommend for someone who may not have the bandwidth to go all-in learning telephony from soup to bolts but would still like the benefits? :)

Wouldn't recommend it unless you do network/telecom stuff for a living, it has a bit of an ongoing time cost in maintenance...

some of the SIP trunking providers that have more focus on the consumer market such as voip.ms do let you define your own custom IVR and menus, to accomplish pretty much what I described, without having your own SIP-speaking system registered to it persistently. You should be able to define a voip.ms IVR destination as your cellphone.

Thinking about this a smidge, you probably can just use voip.ms to (a) order a DID (aka a phone number), (b) setup an IVR for the message, and (c) instruct them to dial an [internal to your account] extension that forwards to your real number, all on the voip.ms platform.

You wouldn't have to set anything up, just pay them for per-minute charge. You will have to pay 2x per minute, once for the inbound, and then outbound to your real number, ..... unless you go through the extra steps of setting up SIP phones.

FWIW; I've used voip.ms for a long time, and just a very happy customer. The biggest trouble they've had was availability issues a month or so ago when they were the victim of a DDoS :-/. You probably could pull off this trick with any of the pay as you go SIP trunking providers ...

How do the calls actually get routed to your phone? Via SIP, or through your cell provider (ie. it dials your phone's phone number)? If everything is over SIP, then it makes sense that everything is SHAKEN/STIR compliant.

at present I do it as the latter. My cellphone's direct number is an external destination on the asterisk system and it initiates a new outbound call to it, and bridges the audio/call from the incoming caller to it.

I can also do it direct over SIP if I want. The android linphone SIP softphone client is not bad. My cellphone can register to my asterisk system as the same extension as my SIP desk phone in my home office. Or if I want I can give it a new extension number and make my desk phone extension number, and the linphone softphone extension number part of the same ring group for me as a person. In which case I would send x500 from the IVR main menu to that ring group.

I generally don't leave linphone running and connected unless I'm actively using it because it can be a battery/CPU hog (in order to SIP register to my asterisk system I also need to be on my personal openvpn link, my server doesn't accept incoming connections from any public IP on the internet). So a combination of the openvpn client running and linphone simultaneously.

> at present I do it as the latter. My cellphone's direct number is an external destination on the asterisk system and it initiates a new outbound call to it, and bridges the audio/call from the incoming caller to it.

But under that scheme, would it still work SHAKEN/STIR? I would think not, because to your cell provider it's effectively indistinguishable from a bad guy spoofing caller ids. Or perhaps there's some forms or whatever you can fill out to get a certificate that allows a third party to spoof calls to you?

I called someone today and they appeared to be using a generic call screening service that offers exactly this feature - a computerized voice asks you to enter a random number to be connected.

I didn't even randomize mine, it's literally the same greeting every time and a fixed extension number. Just the fact that it exists as a roadblock to listen to, comprehend and put in some DTMF tones seems to stop 99% of the scam calls.

I'm guessing most scammers don't even hear your prompt. I have a simple, short, "leave a message <beeep>" prompt and the vast majority of my scam voicemails go:

0:00 - 0:10: silence

0:10 - hangup: "Hello? Hello?"

once stir/shaken is in place, won't the underlying problem go away?

I'm surprised this works for you. Every time I've tried to use my GV number for MFA it's rejected. It's easy for companies to check if a number is assigned to a "legitimate" mobile provider and if not, they just don't accept it.

Is has come up occasionally. But not for anything that’s been a show stopper. I think discord was the most recent, which I use totp for MFA anyway but they want some type of verification or something.

I don't think this is good advice. Your intuition about the vulnerabilities is mostly correct, but the absolutism here seems likely to lead to worse decisions, not better.

> SMS "2FA" is not actual 2FA

That's not correct. I mean, of course it is. If you have SMS authentication as one factor and a password as the other, you're safe from compromise even if the carrier hands your phone number over to someone else. That's the whole idea behind 2FA, and it works here. A "SIM swap attack" is, contra the article and your points, not sufficient to compromise a working 2FA environment.

You need something else, like a crypto wallet system that uses SMS as a single factor, which seems plausibly to have been the case here.

> Social engineering mobile phone operator customer service departments to execute a SIM swap attack is trivially easy

True, but that's a hole in that one system that can be patched, and it's not something specific to the PSTN network at all (literally everything can be human engineered, including the customer service departments of authentication providers like Google/MS/Apple!). For example, require physical mail as a second (third) factor as an authentication mechanism and the whole problem goes away. This is already implemented for e.g. address changes, and it works fine.

Don't take a specific hole in one system as evidence that the system needs to be replaced or redesigned. That's generally a recipe for creating new security bugs, not fixing them.

NFC cards is obviously best way to do u2f yet Apple completely ignores it in their laptops..?


Also, do banks carry any liability if you are sim swapped? If so - wonder if the banks can get scammed that way instead?

How much does SIM-locking (i.e. adding a PIN to lock it) mitigate the risk in your experience? I understand that if the telecom service dept. is compromised it's useless, But in a low-effort social engineering attack are the telecom personal trained to suspect the lack of PIN?

Phone numbers are like social security number or at least a parallel identity where I live, Banking to vaccine happens through 2FA auth(Often only through it). Recently banks have started to advise SIM-locking to prevent SIM jacking; My cries to support hardware tokens have been in vain so far.

What's funny is SIM-locking was quite common during pre-smartphone era, I think the Nokias of those time even asked for a SIM-PIN with each reboot; Even then the customer service would just reset it when you said you forgot it. I don't think it would be any different now, after-all they just ask your name & address to confirm identity.

It feels like SMS based 2FA + Oligopoly Telecoms are a disaster waiting to happen.

For those without subscriptions. https://outline.com/3CRjpe

>That post has since been taken down, but many comments included criticism for leaving such a large amount of Bitcoin accessible on a phone.

Not to victim blame, but it really is odd to me that someone would leave any amount of BTC on their phone, let alone millions of dollars worth.

>The Hamilton teen faces charges of theft over $5,000 and possession of property or proceeds of property obtained by crime

I've always wondered why the line is drawn at $5,000. It's mildly interesting that stealing $46M and stealing $5,000 result in equivalent charges.

> Not to victim blame, but it really is odd to me that someone would leave any amount of BTC on their phone, let alone millions of dollars worth.

The SIM swap attack was used to access an online service where the BTC was stored.

I know the classic cryptocurrency trope is that Bitcoiners will move money to a paper wallet and then store the passphrase securely somewhere, but in reality that's about as attractive as cashing it out as 46 x (hypothetical) $1 million dollar bills and storing it in a safe.

In other words: Most people who have that kind of money really don't want to do anything like that. Most people who don't have that kind of money really overestimate how easy it is to safely and securely store something like that.

But that's beside the point. We could debate all day about storing paper wallets in bank safety deposit boxes or using Shamir's Secret Sharing or any other number of increasingly complex scenarios, but in practice most with that kind of wealth aren't really interested in locking it away and not touching it. If they want to make an investment, trade, or purchase, do they jump through all of the hoops to unlock and move some of the money and then securely store it all away again? Surely someone might, but in practice most people want it somewhere that that can trade, invest, transfer, and access with reasonable security.

This inevitably turns into one of those internet OpSec debates where people on the sidelines imagine scenarios where they are smarter than the victim (with the benefit of hindsight, of course), but in reality there are many, many people out there storing vast amounts of wealth accessible by 2FA with their phone and it's rarely ever a problem. Cryptocurrency makes this more complicated because the transactions are irreversible, fast, and (somewhat) easy to hide.

So if you happen to be internet famous for bragging about your Bitcoin wealth, definitely take steps to make it impossible for people to access it via phones or anything else. But you also probably want to obscure your physical location and invest in personal security, because in-person attacks are the next step. But in reality, a huge number of people have access to a lot of funds via digital access without such problems on a regular basis. It's fun to fantasize about ultimate OpSec, but in practice most people want the money accessible and tradeable on short notice.

I'll leave alone all of the comments which imply I don't know what I'm talking about and that I'm not very smart, suffice to say you don't need crazy secret sharing systems or bank deposit boxes or anything of the sort to prevent this attack.

A dead-simple soft-wallet, which requires about 2 steps to setup and 2 more to transfer and hold your millions of dollars in, would have prevented this. Roughly 15 minutes of time, at most.

You don't need to be the NSA to secure your crypto, as you seem to be implying.

> You don't need to be the NSA to secure your crypto, as you seem to be implying.

I said that people keep their funds hot to use them, not that you need to be the NSA to secure them.

Trust me, I know how to set up a crypto wallet and secure it.

The more important part of my comment was the "15 minutes tops to completely prevent this attack", but okay. (The reverse, getting your money back on the exchange, is even shorter! Maybe 2 minutes and a few clicks.)

>Trust me

No thanks.

While you may disagree with what PragmaticPulp had to say, the tone of this last comment is unnecessarily hostile.

They make several comments alluding to the fact that I am dumb and have no idea what I'm talking about, ignores every important bit of my comments, then concludes with "trust me", and I'm hostile for saying "no thanks"?

My apologies, I guess.

Hardware wallets aren't that cumbersome to use; it only takes a few minutes to move coins on/off. Waiting for confirmations takes longer than dealing with the wallet. For daytrading you'd definitely want to keep coins in an exchange though.

I'm speaking neither hypothetically nor in hindsight since I pre-ordered the first hardware wallet back in the day and have never lost coins.

A paper wallet can be password protected. Shamir's Secret Sharing can also be used with paper wallets. Practically everyone who messes around with serious amounts of crypto money has a more sophisticated setup than keeping it on a phone, even many people who only have a few hundred dollars worth have hardware wallets like a Trezor. Just because cases like the above happen doesn't mean they're the norm. Every once in a while you also read stories about someone leaving their suitcase full of cash on a train or such. But that doesn't mean the average cash user is that careless.

> I know the classic cryptocurrency trope is that Bitcoiners will move money to a paper wallet and then store the passphrase securely somewhere, but in reality that's about as attractive as cashing it out as 46 x (hypothetical) $1 million dollar bills and storing it in a safe.

That's very hypothetical, though. There are a few key differences:

1. Moving money to a paper wallet is not difficult in practice. Ideally, yes, you would generate the private key in an air-gapped computer running a secure operating system and print out the private key and the Bitcoin address, then incinerate the computer, storing away a second identical computer that doesn't have the wallet on it yet, and that would have a similar level of difficulty to buying and installing a safe. In practice, you can probably get better security than a physical safe just by generating a new wallet in Electrum, writing down the seed phrase, and deleting the wallet from Electrum. When you need to spend some of the coin you can reanimate the wallet, sign a transaction, and delete it from Electrum again. If your cellphone is backdoored then the thieves can loot your wallet at reanimation time, but that's probably harder than drilling a safe, most of the time.

2. As you point out, million-dollar bills are hypothetical. The largest US dollar denomination ever printed was US$10k, and the largest in circulation since 01969 is US$100. So, in practice, you're talking about a safe containing 460,000 US$100 bills, which will be very difficult to either acquire or dispose of without getting robbed.

3. The dollar inflates, by design, so it's a terrible investment. It's lost 96% of its value since the end of the gold standard in 01971, and an additional 6.2% over the last year. That's the reason why a safe full of dollar bills is a total failure for wealth preservation. Bitcoin suffers from a lot of volatility but it's structurally designed to not suffer from secular inflation, and in fact one of the principal criticisms of Bitcoin is that it's inherently deflationary. It seems to have returned an average of about 150% per year over the last 10 years: https://bitcoincharts.com/charts/bitstampUSD#tgSzm1g10zm2g25..., and while that trend surely must be nearly over (it can't continue for more than another 5 years and might already be over), it also clearly hasn't been suffering from inflation. In this sense, the most important difference, the dollar and Bitcoin are opposites.

Yes, it's true that there are people who like to gamble by day-trading cryptocurrencies, but most people who do that end up losing all their money. Investing wealth doesn't require your assets to be "accessible and tradeable on short notice"; it requires rebalancing asset classes every three months. Berkshire Hathaway makes a few dozen transactions per year. You don't need to make more transactions than Berkshire Hathaway.

You say, "there are many, many people out there storing vast amounts of wealth accessible by 2FA with their phone and it's rarely ever a problem," and in a sense that's true; it's relatively unusual to have a meltdown like the Argentine collapse of 02001 (where all bank depositors lost all the dollars they had in the banks), Mt. Gox in 02014 (where all Bitcoin depositors lost all their Bitcoin, about 850,000 BTC or US$450M), Bitfinex in 02015 (where their depositors lost about 1500 BTC), the Greek banking system in 02015 (where Greeks were prohibited from carrying more than 3000 euros out of the country and could only withdraw a limited amount of cash from their bank accounts for three years), and Bitfinex in 02016 (where their depositors lost 119,756 BTC).

But it would be a terrible mistake to conclude that, just because an event like this happens only about once every four years, it is unlikely to happen to you. It's true that it's "rarely ever a problem", but when it is a problem, it's a problem for millions of people, sometimes hundreds of millions. Hosted wallets do not and cannot offer "reasonable security".

Today I see a lot of people who are "trading Bitcoin" but actually holding Tether in Binance accounts (which has replaced LocalBitcoins as the retail hosted wallet of choice here in Argentina).

Tether has historically been backed by fraud, and it's operated by Bitfinex, which (as noted above) has a history of its customers' money mysteriously disappearing, and which is locked out of the world banking system.

Binance is banned in the US and UK, is being criminally investigated by both governments, and has had to move its headquarters from China, to Japan, to Malta, which also says they're investigating it. It's also being prosecuted in Thailand.

Without casting any aspersions on the integrity of Binance's people, it's clear they're at significant risk of having their assets confiscated, at which point all of their depositors would lose their deposits. And Tether is at significant risk of collapsing, either due to fraud or to mismanagement. So these people are dancing on a tightrope, and most of them don't even know it.

So, run a wallet on your own hardware. At least a thin wallet like Electrum. Or get a Trezor.

Is there a story behind the consistent use of five digit years?

It is a weird thing done in some futurist communities to call attention to the long amount of future ahead of us. It doesn't surprise me that there is overlap between these groups and bitcoin maximalists.

They’re really into octal.

Could it have been on an exchange or something that used his number for 2FA? I’m not sure how else a SIM swap could lead to access.

Yes, I should have been more accurate and said "accessible by phone", not necessarily stored on the phone.

One would think with any significant amount of crypto that you store it somewhere non-network accessible (at the very least, not holding it all in a single online exchange).

Yes. Likely Coinbase. SIM swap is such a well known attack vector, so it is pure stupidy to leave such high amount behind an SMS.

Seems kind of crazy to leave that amount on an exchange at all.

Yeah like, this happened years after the mtgox debacle...

It was a major exchange that did not understand what the 2 in "2FA" meant, yes.

Most exchanges did not have proper 2FA until the sim-swath-swoop of 2018-2020.

All major exchanges have supported TOTP (time codes) based 2FA since 2014. However it is a different matter if they force users to use TOTP, as it hinders adoption. Need to get that IPO done first.

I hate when companies ask for my phone number on sign up. At no point do I ever want that used for auth!

The first thing I usually do is enable OTP but I know some companies will still fallback to SMS.

>I've always wondered why the line is drawn at $5,000. It's mildly interesting that stealing $46M and stealing $5,000 result in equivalent charges.

A lot of those lines are drawn completely arbitrarily, and might be very old and haven't been updated to reflect inflation/rising prices.

A classmate of mine copped a felony property damage charge as the threshold was set at a mere $500 at the time, for a typical senior year high school rivalry prank and it really fucked up his life.

Tacking on the conversation about arbitrary and static dollar amounts in law.

There's an interesting effect where law makers can pass a law with static dollar amounts that seems reasonable at the time, but the force of inflation covertly expands the scope of the state's authority deeper and deeper into the society without any further action or political risk by present lawmakers.

A great example of this is the Bank Secrecy Act, which requires reporting of transactions greater than $10,000 to the federal government. At the time it was passed in 1970, $10k was the equivalent of ~$70k in 2021 dollars. $70k actually seems like a pretty reasonable amount as that's a very large transfer that the average person does very rarely for mostly legitimate reasons, like buying a house. It's easy to justify why the feds could use this data to investigate large scale criminals and money laundering. But as inflation has stripped away the value of the dollar, more and more people and activities are falling into that $10k limit.

Basically, the surveillance state gets to sneakily expand when laws are pegged to a currency that's constantly inflating by design.

And of course, governments rarely want to change these laws of antiquity, because it is perceived as being "soft on crime". The optics of it to a lot of the voting population is poor, even if the change is just to be in line with the original intention of the law.

> more and more people and activities are falling into that $10k limit.

Like what?

What do you mean?

$10k in 1970 was the equivalent of $70k today. So all the transactions between 10k-70k in today's dollars would not have been included in the original intent of the law, but are now included today. I won't pretend to know all the kinds of transactions that fall under that scope.

> It's mildly interesting that stealing $46M and stealing $5,000 result in equivalent charges.

The reason for the differentiation is not to make a $5k theft and a $46m theft equivalent. There is a threshold because, for instance: stealing some pocket change is not a serious crime, and stealing large amounts of money is serious.

>stealing some pocket change is not a serious crime, and stealing large amounts of money is serious.

I'm curious if you actually think that I wasn't aware of this? I don't think many people need that pointed out to them.

My comment was on the arbitrariness of the line, or why there is a single line at all (opposed to a gradient, or multiple "theft over x" categories, etc.).

To be more specific, the reason for that single line is because some legal systems (like in the US) have different "classes" of offense. That line is the differentiation for which class the crime is. The lesser could be a "summary offense" or "misdemeanor" and the higher a "felony"

I, of course, was not suggesting that you didn't know the difference in seriousness. I am stating that the difference in seriousness is the reason for the line, because the underlying legal system generally differentiates crimes this way.

Fair enough. I suppose if a single line must be drawn, it must be drawn somewhere. And that line is apparently $5,000.

It could be a function of amount stolen, victim's wealth, perpetrator's wealth.

That could very well be a sentencing guideline even if the crime is still called "theft over $5000"

Just because a crime has a title [x] doesn't mean that the sentence is always [y]. Often the laws will provide for a range of sentencing depending on other factors.

I'm not sure the general population knows any better.

It's bad and all and he is f'd, but "stole $46m" does sound like a pretty bad ass line item on a teen's wrap sheet.

I could be mistaken but it looks like the $5,000 is from the CA Computer Crimes statute. For larceny (theft of personal property) in CA the bar is even lower: $950.

Yep, in Canada there is two "thefts" generally: over $5,000 and under $5,000.

I was charged with theft under 5 when I was 14 after stealing two candy bars and a drink from Walmart. Same charge as I would of had if I stole a 70" flatscreen TV, or a top of the line computer.

It's not just in Canada. Have you ever heard the term "grand theft auto"? There have been two levels in almost every jurisdiction for a very long time: petty (small) theft and grand (large) theft. The dividing line in England used to be a shilling, for which you could be hanged or transported. Sixpence would get you a short-ish time in gaol/jail.

The story is about a crime in Canada, so it's relevant.

True, but the separation between grand theft and petty theft exists in pretty much every common-law country, and has for centuries - it's not a peculiarity of Canadian law.

Theft over is liable to a term up to 10 years. Theft under is up to two years. Two years or more is time in a federal institution. Anything less (eg. "two years less a day") and you're working for the province.

It basically comes down to if you steal more than $5000 you might go to a very bad place and if it's less, you only go to a slightly less bad place. The line has to be drawn somewhere, and no prison is a particularly good place so it really hardly matters.

Seems they need a new category, "theft under $5" haha

I feel like everyone knows why the line is drawn at such a value. So people like us can't afford to commit crimes, but the rich can.

In many cases the amounts were written into the law so long ago that money was worth maybe 20x as much, or more.

My favorite example of such is https://constitution.congress.gov/constitution/amendment-7/.

$20 doesn't buy as much today as it did in 1800. :-)

$20 doesn't buy as much as it did in 2020, either...

Compared to the purchasing power difference between 1800 and 2021, a dollar buys (almost) exactly as much in 2021 as it did in 2020. ("Almost" in parentheses, because at any reasonable precision, the 20/21 difference will probably round to zero.)

When they're big enough, differences of quantity become differences of quality.

And that's why we really need to start assigning equations rather than static amounts in bills

It's not exactly that, but in Belgium penalties written in law are an amount that is multiplied by a factor that is regularly updated.

It went from 5.5 to 6 in 2011, then to 8 in 2017 and is still there AFAIK. It seems a bit haphazardly managed to me, but it's something.

Alternatively we could maintain a stable currency people can rely on as a store of value.

Inflation was known to legislators back then so its way for legislators to lower the bar and catch more people in the future, without anyone picking up on it at the time.

Anyway fabricating evidence has been around for as long evidence has been needed to settle disputes.

I think that's a bit melodramatic. Lots of people can afford 5k without being part of waves hands "the rich."

What do you mean by that? $5000 isn't a fine, it's the amount stolen that moves the offense into a higher category. How does that translate into making the rich able to commit crimes?

Because a rich person can steal 50m and get penalized the same way someone like us would when stealing a paltry sum. Though my comment also implies the rich can easily drag out their court case and afford an army of representation so they don't have to deal with whatever sentence they are getting. Even though the sentence itself is a sham because stealing 50m dollars being punished the same as stealing 5k is obviously a sham.

No, it's literally the opposite. People who steal small sums -- i.e. in street crimes -- get a smaller punishment.

??? The law has the same penalty for any crime over 5k, its literally the parent comment I am replying to.

Those that get a smaller penalty, i.e. those who steal under $5k, are overwhelmingly not wealthy. Wealthy people are not snatching people's purses on the street.

Of course. But the point is that 5k is FAR too low. The difference between stealing 5k and 50m is far greater than the difference between stealing $200 and $5001. Now read all my comments with this in mind and maybe you'll get what we've been saying.

The line at $5000 does not ascribe an equal punishment to crimes below or above that point. It changes the class of offense. The penalty will vary based on circumstances within what those classes allow.


The only difference is in sentencing, and the difference is a lower upper limit on the length of incarceration for the lesser value stolen. There is no difference in the crime itself.

When random teen can easily steal $46M from a "Bitcoin pioneer" what hope is that for regular folks could make safe use of said value store?

The bitcoins were stored on a centralized exchange using a phone number as 2FA. Banks and brokerage accounts can be hacked the same way, though at least they'll make you whole if you catch it soon enough.

To really secure bitcoins, a hardware wallet or a passphrase in a safe deposit box are both pretty simple options that nontechnical people use all the time. Neither is expensive and both are widely known.

Holding the coins is one thing, transferring is another. I just transferred my bitcoin out of my paper wallets. I can promise you there is absolutely no way for a non-technical person to do this safely. What are they going to do? Visit some random website to sweep their wallets and hope their private keys are not stolen (which they will be)?

I haven't used a hardware wallet - I suspect they solve the transferring problem. But what's the risk my hardware wallet still works a year from now? 10 years from now?

I decided trusting Coinbase in 2021 is the most reasonable option for the amount I have. (Different calculus back in 2016). I admit I don't know what I'd do with 8-figure balances though.

Hardware wallets do solve that problem. Keep your 24-word passphrase somewhere safe, and you can use that to restore your keys into any hardware wallet, without plugging it in to a computer. The passphrase algorithm is a public standard, so if your hardware breaks, you can restore onto another one.

After that, plug the hardware wallet into a computer and you can transfer without the computer ever seeing your private key. The hardware wallet displays the destination address, which you should check.

I do agree that Coinbase is reasonably safe, as long as you use a strong password and 2FA, and don't give them your phone number.

> a passphrase in a safe deposit box are both pretty simple options

_If_ you can get a safe deposit box in your bank, that is. My local bank (Chase) is always sold out of boxes. Sure, you'll next say: change your bank. But the other one (BoA) is also out.

My point is, it's not such an easy option as you're making it out to be.

Funnily enough my bank very recently made me sign an agreement which precluded me from subleasing my safe deposit box. Maybe this is the next arbitrage opportunity.

When I shopped for a local bank branch that had safe deposit boxes (maybe decade ago), one of the bankers told me a lot of banks and branches were trying to get rid of their boxes, and not wanting to include boxes in new branches.

I managed to get a box in the basement of the BofA in Harvard Square back then, and kinda wish I'd kept it, since I doubt I could get one today.

Maybe stop going to big corporate banks?

I got one last week without any issue.

Yeah I remember trying to open one in the bay area a while back. My local bank had a wait time of more than three years for a box.

So back to shoving cash under the bed, essentially.

> Neither is expensive and both are widely known.

I'd say that ~97%-99% of the people in the US and Europe have no idea how to use a hardware wallet. The vast majority have no idea what a hardware wallet is. You're very far off the mark in your estimate.

Bitcoin is at the adoption stage where the general public is only beginning to use services like Coinbase. They do not know how to use a hardware wallet, most of them do not know that such a thing exists.

> Bitcoin is at the adoption stage where the general public is only beginning to use services like Coinbase. They do not know how to use a hardware wallet, most of them do not know that such a thing exists.

You are creating a persona tailored to back up your argument. It is not that strange that a good chunk of "common people" buying right now bitcoins know what an hardware wallet is, at least as a concept (not the tech implementation obviously).

I think you should increase that by an order of magnitude. I'd be very surprised if more than 1/1000 could describe how to safely use a hardware wallet properly.

The vast majority of people in crypto know what a hardware wallet is

Not really sure how this is relevant, seeing how the original comment said

> what hope is that for regular folks could make safe use of said value store

I just googled "how to safely store bitcoin" and a bunch of articles with good, simple advice came up.

But is it foolproof?

"Why Johnny Can't Encrypt" was published decades ago. With this stuff you cannot make any mistake. PGP advice appeared to be good and simple, yet people made errors all the time. I wouldn't expect this to be different.

Hardware wallets are considerably simpler than PGP. I can only think of two ways to screw up:

1) Lose the passphrase. The device does quiz the user on words of the passphrase upon setup, to be sure the user at least wrote it down. Hopefully this reinforces its importance. Ledger provides a card to write the words, with prominent instructions to save it somewhere safe.

2) When sending, don't verify on the device's display that you're sending the money where you think. But the display is right there on the device, and displays the destination address while waiting for you to push a button right next to it.

For smart contracts it helps to get a larger device that shows all the contract parameters, but for simple sends that's all there is to it.

This shows a fundamental misunderstanding of how cryptocurrency works. Bitcoins aren't stored anywhere. You don't need to get hacked; to have your bitcoins stolen.

If you want to be pedantic about it, you have to store your private key securely.

The difference is that often the institutions (i.e. banks and brokerage firms) are often repay lost funds or can reverse the transactions where as here it is a lot harder.

This explanation doesnt make total sense to me, so 2FA, by definition is two-factor. This explains how one factor was compromised. How was the other factor compromised?

You may be right. A lot of orgs will happily let you use SMS for 2FA at login, but let you recover your account with that same SMS, making it 1FA x 2 (or 0FA, to line up with RAID 0)

Probably password reuse, then leaked. Like you'd see on https://haveibeenpwned.com/

The issue is that most communication is centralized between two companies, Verizon and ATT, and those companies have employees that are very, very fallible.

We need to decentralize our communication infrastructure.

No real reason to point the finger at people at Verizon and ATT are more fallible than others. Almost anyone can fall for social engineering if done right/often enough. I know you probably think you're too smart to be fooled like that, but that's exactly how you'll fall to a scam.

The people Verizon/ATT are more fallible, because of the implicit risk/threat model that is imposed on us by duopolistic infrastructure.

They have vastly more power without the required training.

This asymmetry makes them larger targets, and therefore, more fallible.

ATT/Verizon employees are the weakest link in almost all threat models, including our national one.

I don't think I am personally infallible; and I am/used to be the reason you have to take cyber, social engineer, and spear attack trainings every year.

It is because I know the true weakest links (humans with unrelegated access) that compel me to remind others:

do not use SMS for 2FA.

There are other ways of getting the nonce/temporal secret to the end-user without pitting the security to a overworked 27 year old druggy CSR in upstate new york.

Eh to be honest your whole argument fell apart as I read the last few words. Hope you change your outlook on the world, for your own good.

That's a problem for sure, but it's not the problem here. The problem here is cryptocurrency trustees implementing snake oil "2FA" using the PSTN, which was never intended to provide the needed security properties.

>When random teen can easily steal $46M from a "Bitcoin pioneer" what hope is that for regular folks could make safe use of said value store?

That's easy. Regular folks don't have $46M to store. Also being rich doesn't mean you always take the best decisions.

The stolen sum was taken from a centralized, bank-like account. Not your keys, not your coins.

Given how incredibly likely people are to trust these untrustworthy organizations, not much hope regular folks can be safe.

People steal USD from companies and people all the time.

"What hope is that for regular folks could make safe use of said USD?"

It will take some time for the infrastructure to mature.

It's been 10 years, meanwhile everyone is hyping up how awesome and fast-moving the "web3" space is and how all the best developers have left their day jobs and are building for it. What's taking so long?

Nothing in this incident is to do with "web3" tech, the coins were on an exchange which is centralized "web2" tech.

They're literally building all the foundational infrastructure from scratch. It took the web a long time to mature as well.

"How can I safely authenticate myself" is not being built from scratch. People were working on that problem for many decades before Satoshi came along.

web3.js has been around for at least 5 years. Think how much the WWW evolved in that amount of time.

Think about how far we came from bitcoin to ethereum and defi.

I might be wrong, but my concern is that attackers will mature as well. At the end of the day, putting your security entirely in your own hands is a level of liability that most people aren't willing to take on. I like some of the ideas in the cryptocurrency space, but I really wish they would openly contend with the fact that centralization has its benefits.

And until then? We just say "oh, fraud, oh well"?

This is what banks and credit card companies do already. It's the cost of doing the business. If someone steals your credit card and uses it then you're not responsible, the bank is. And you get your money back. But there's no such recourse or security for individuals in this new system.

Straw man argument.

If you're going to steal a large amount of Bitcoin, you should probably have a plan on what you're going to do with it that doesn't include buying a gaming username that can be trivially traced back to you once you use it.

It seems some financial crimes/frauds are easy to commit even for a not very clever individual.

Is this Hamilton, Ontario, Canada?! Unclear

Also, Josh Jones, the founder of DreamHost? wow. heh

Edit: Sorry, because I read it on outline/archive I didn't see the glaring Hamilton Spectator logo at top and related Canada nav. Thanks

Yes, the same Josh Jones.

He also created bitcoinbuilder.com, which among other things, brokered the sale of people holding Mt. Gox bitcoin after it collapsed. If you held bitcoin on Mt. Gox, you could sell it to him and he then resold those rights.

Now that it looks like there is a settlement coming next year, he is still sitting on a mountain of coin.

Pretty amazing that he got hacked. He is super technical. In other words, it can happen to the best of us.

It is in the text as well.

> Jones first reported the theft to the Los Angeles FBI, who then brought in other U.S. and Canadian agencies as the investigation grew.

"leaving such a large amount of Bitcoin accessible on a phone"

"A SIM swap attack [...] gives the hacker access to the victim’s phone"

Is it just me or this article massively misrepresenting what a SIM swap attack actually does? Unless there's more to the story, no one got access to Jones' phone. They intercepted 2FA SMSes so they could get access to a wallet service or whatever.

It's easy to steal bitcoin (for some definition of easy).

The hard part is cashing it out. As Breaking Bad used to say, what criminals want is to pay taxes on their criminal proceeds.

Here is my guide for laundering Bitcoin https://capitalgram.com/posts/how-to-money-launder-bitcoin/ - it should give some useful tips.

Anyone using your guide will be caught if the FBI goes after them.

Your guide basically says use Binance/OTC, a fake ID and this bank.

And you have zero stuff about actual money laundering - ie, justifying $46 mil suddenly appearing in your name.

> And you have zero stuff about actual money laundering - ie, justifying $46 mil suddenly appearing in your name.

In China and Russia they give you a party membership if you manage to steal such an amount from a Western individual or a company.

In Dubai, that is an US ally, they just do not care. You can march to a shop with $2M cash or Bitcoin and buy a lambo. Just move to Dubai. They have financial regulator compliance, but it is just on the paper and in real life you get away with anything. Dubai is for crooks and shady money. These is no extraction treaty. The lifestyle is bling bling, good for crooks that want to flash their rolexes.

You need to be really really stupid getting caught in Dubai, but it may happen if you are too outrageous:


Bitcoin makes this trivially easy… “I mined it a long time ago and forgot about it until now”

Isn't that easily verifiable?

One expert told us that the chance of catching illicit actors is “magnitudes greater” using blockchain than in the traditional banking sector. Another went so far as to say that “if all criminals used blockchain, we could wipe out illicit financial activity.” https://cryptoforinnovation.org/resources/Analysis_of_Bitcoi...

except that everything is time stamped

Become an "artist" and buy NFTs from yourself?

pro tip: you don't have to launder $46 million at once. you can treat it like a lottery annuity and just skim off a little here and there.

Some years ago a Dutch teen bought a house with $100k money from stolen bitcoin. He was caught and arrested because he couldn't justify the money.

You also need to worry about algos that 10 years from now will analyze bank transfers, purchases ...

Just move to a place where they do not worry about justifying the money


Canada is already that place. That's why their local purchases didn't catch up with them, but something to do with a (likely) US service.

He should have run just a failed ICO and pocketed the funds as fees to related parties. I understand this is how Metakoven, the NFT king, got his start? https://www.reuters.com/investigates/special-report/finance-...

Better to claim incompetence than it is to actually steal.

another bitcoin bandit bites the dust.

I bet he bought an xbox gamertag from the most recent exploit.

These kids really do think the 3 letter agencies arent watching, no matter how many of their close friends get v&.

The blockchain is forever, and the statue of limitations no longer applies.

That verizon/att employee from 2018 will get caught, he will give up an alias, and the feds are interested, now that the coins have value.

and assuming the feds arent dirty (they are), you have 5 years to run. If the fed assigned to your case decides he wants the coin personally, you have 5 monthes.

lol way too premature to say that. if he gets off easy by being a youth, he can still walk away with tens of millions of dollars. If the rest of the btc cannot be recovered, likely when he is released from jail or custody, assuming he is even convicted, he will still have it. If he is not extradited and charged in the US, then he is pretty much guaranteed to exit with his fortune intact. Canada has pretty lenient justice system.

What's the likelihood that the other $39M is parked with the prosecuting agents?


Not 0.

If you own a lot of crypto and it's still protected by SMS auth, you need to disable that (edit: in favor of OTP). If you can't, you need to buy a dozen prepaid sim cards and use them randomly. Or pay someone to do it for you. Very cheap in comparison to a theft.

Or maybe anyone that claims to be a security person worth their salt (on the companies doing 2fa) need to sunset SMS 2fa and use OTP instead, at least

True, and coinbase appears to do that (I say "appears to" because I don't know what they would do if I actually tried to reset my password and cajoled them into using my phone number to do it.)

Unfortunately, some orgs, and even more unfortunately, some banks, still require/force SMS mfa.

OTP is only marginally safer than SMS. Phishing is a far more common threat than SIM-swapping.

Wouldn't a dozen prepaid SIM cards mean 12 times as many things to defend? Also wouldn't anyone you paid to "do it for you" need to be trusted, undermining the no-trust principle of cryptocurrencies?

Yeah, it would require some thought. If you randomly rotated through the different sims it might help. I was thinking that someone else might be a good idea so that it would be harder for an attacker to figure out your number. I'm assuming that if you buy any phone service, prepaid or postpaid, that someone would be able to find it on those people search sites. But maybe all you really need is to have a number strictly dedicated to each value store, never used for communications.

> you need to disable that

Might need a bit more elaboration there. You want people to turn off 2fa?

In favor of offline OTP I meant. Although there's a case to be made that having no mfa might be more secure than SMS mfa, if that can be used to recover access to your account (at which point it is no longer Mfa, but just a)

Honest question:

We are all the bitcoin multi-millionaires storing their coins? It seems like in an ideal world, you would use https://trezor.io and put that in a safety deposit box, or maybe use Coinbase Vault, but I am generally curious what is the current consensus on the safest ways to store these piles of digital money.

Jameson Lopp has a nice section in his Bitcoin resources site:


Look, e.g. at the Cold Storage section,

If you are truly paranoid, then follow this protocol:


thank you

There's no consensus because there's no best answer. Here's an example of what you could do.

Generate a new seed phrase on a hardware wallet. Encrypt the seed phrase using https://github.com/FiloSottile/age and print out the encrypted seed. Store the paper in a safety deposit box. Keep the hardware wallet at home in a safe.

Write down the encryption key and the hardware PIN in an envelope to be opened in the event of your death.

All that said, this particular example is vulnerable in that you could be held at gunpoint and lose everything. So next we start talking about cold wallets vs hot wallets...

> Generate a new seed phrase on a hardware wallet

Now you're depending on the random number generation of a hardware wallet. And (possibly) depending on its method of deriving multiple private keys from a single seed phrase.

This is true! If the hardware can't be trusted, we can generate seed phrases from any secure source of entropy.

Trezor with a semi-gapped laptop. Connect the PC to synchronize your wallet, disconnect, sign the transaction, copy the transaction somehow (ie: QR codes), verify your transaction inputs/outputs, broadcast transaction. You can also go fully air-gapped by manually synchronizing instead of connecting to the internet.

Edit: Alternatively, you could upload transactions via images (airgapped laptops) and sign them with your trezor (on the airgapped laptop). That should give the most security.

Move all the coins to a new wallet.

Make that wallet have a split private key, such that say there are 13 keys, and any 9 are required to access the funds.

Distribute those 13 keys, on paper, in sealed envelopes, to 13 different locations. Make each location have at least basic access control - either a door lock, or held by someone you trust with specific instructions about who is allowed to access the paper.

Distribute instructions to trusted friends on where to find the 13 things, and what conditions are needed to access them. For example "Hand over to londons_explorer only. If you know he is dead, hand the key to XYZ person. If you cannot contact XYZ for over 5 years, destroy the envelope."

So some exchanges use TOTP 2FA (which is more secure than SMS). And some people like to copy their 2FA 'seed' which is usually a QR code that they store somewhere securely. Amazing how a simple QR code (or even a recovery code) can be worth so much.

>U.S. investigators discovered that some of the stolen cryptocurrency was used to buy a unique online gaming name.

Can bitcoins be tracked?

Of course. Bitcoin is an open ledger that permamently records the flow of tokens to and from each address. You may not know who owns a given address, but if you can tie an identity (by way of KYC laws) to a given address in a chain of transactions, you can "follow the money" as you will.

This, along with the energy requirements of crypto is why I don't/won't put any money in it.

Under that reasoning you shouldn't interact with any humans or technology at all.

There should be a rule against regurgitating talking points without adding to the discussion, but I'll humor you.

I invest solely in crypto because the banks and federal reserve have scammed the common people more than any sole individual.

The government prints money knowing full well the common person will bear the burden of inflation.

Does his name happen to be Freddy?

Just use webauthn...why is so hard to get that sms and otp is flawed?

its funny to think that if bitcoin crashed tomorrow all this could be for $2.84c


I hope Elon Musk keeps his bitcoins safe. :D

> "Just the fact that everyone on earth thinks that Bitcoin is crazy, and no one is telling me why, doesn’t matter,”

Says the biggest known victim of a crypto heist in a private person.

Ain't this ironic.

I guess I should spell out that centralization is a feature?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact