Bitcoin developer reports $3,3 million loss due to PGP error
Luke Dashjr, a BTC developer, said that his bitcoin was compromised due to a PGP vulnerability.
Luke Dashjr, a Bitcoin core developer, alleged that his wallet was compromised owing to a compromised Pretty Good Privacy (PGP) key. Dashjr’s wallet had several outbound transactions totalling over 200 BTC on December 31, resulting in an estimated loss of assets worth around $3.3 million at current market pricing.
Pretty Good Privacy is an algorithm for encrypting and decrypting data. It may be used to encrypt data stored on a server in order to prevent unwanted access or modification. Notably, PGP-generated keys may be used to authenticate the authenticity of particular data, such as a software download.
While the specific nature of the vulnerability has not been proven, many believe Dashjr’s server may have been compromised in order to steal data, including the private keys to his bitcoin wallet. Dashjr said that his server had been hacked in November.
Banteg, the pseudonymous creator of Yearn Finance, said on Twitter that the occurrence may be a possible red flag “a supply chain assault” When a hacker alters software by introducing malicious code into a system, supply chain assaults occur. In this instance, it is conceivable that the hacker acquired access to Dashjr’s server using a compromised PGP key and then extracted the private key to his hot wallet, which was linked to the server. A formal inquiry is required to corroborate this, though.
The event has attracted considerable attention. The CEO of Binance, Changpeng Zhao, said that his team will freeze the funds if they were moved to the controlled exchange.