The hacker collective CiberInteligenciaSV began distributing the wallet’s source code after leaking the whole Chivo user database in early April.
Hackers are releasing more sensitive information about Chivo, El Salvador’s state-operated Bitcoin wallet. The story is becoming worse by the day.
On April 23, the CiberInteligenciaSV hacker organization made some source code public on the BreachForums black-hat hacking criminal forum.
“This time, I offer you the code that is within the Bitcoin Chivo Wallet ATMs in El Salvador. Keep in mind that this is a government wallet. As you know, we do not sell anything; everything is published for free for you,” the hacking group said.
This is the latest in a string of incidents resulting from the Chivo breach, the most recent of which was the May revelation detailing the public disclosure of personal information belonging to 5.1 million Salvadorans, or almost the whole adult population of the nation.
On April 22, the cybersecurity initiative VenariX went to X to inform people about the impending breach. The tweet made reference to the CiberInteligenciaSV Telegram group, where the developers discussed their intentions to make the source code public.
“If one of you curious government officials wishes to speak, we will publish a portion of the source code and VPN access associated with Chivo Wallet tonight, for free as always,” reads a Telegram message from CiberInteligenciaSV.
Additionally, CiberInteligenciaSV made available in the Codigo.rar file a compiled set of code and VPN credentials from the Chivo Wallet ATM network.
El Salvador promoted Chivo as the official Bitcoin wallet for residents after the nation became the first in the world to accept Bitcoin as legal tender in September 2021. Users may store and withdraw Bitcoin from ATMs, buy and trade Bitcoin, and more on the site.
Users later reported many flaws and technical issues with the Chivo wallet, which led to a rocky launch. The Salvadoran government has done nothing to fix the problem of the personal data breach in Chivo, even after news of the breach surfaced in early April.
Authorities in El Salvador have reportedly not issued an official statement about the incident, adding to the existing uncertainty.
Also Read: PayPal cuts NFT protections and Adidas NFT sneakers
Wallets