Yes, you read that right. 1,400 Bitcoins were stolen from an unfortunate BTC hodl’r today. The amount of BTC stolen is worth over $16 million USD and was a result of a hardware wallet exploit. The Electrum wallet where the cryptocurrency was stored was victim to a security exploit. Though, the blame cannot be entirely placed on the hardware wallet itself.
How was the Electrum Wallet hacked?
The kind of exploit that resulted in the loss of 1,400 Bitcoins is not one we commonly see. The victim had his BTC stored on an outdated version of their Electrum wallet. The last time they opened this particular wallet was back in 2017. Since then, Electrum has released a variety of security updates.
It wasn’t until today that this user, named 1400BitcoinStolen on github, decided to make a BTC transaction on this outdated wallet. Upon making the transaction attempt, they were prompted to perform an update to the wallet. After the update was installed, a transfer of their complete Bitcoin balance was triggered. Unfortunately, the 1,400 BTC balance was sent to the scammers address.
It is very clear that since the security updates provided by Electrum hadn’t been installed, their wallet was already compromised. Consequently, the prompt to update and the actual “update” (aka, malware) was from the hacker.
Is my hardware wallet at risk?
News like this can understandably shake the faith of many hardware wallet users around the world. Just the thought of losing 1 BTC, much less 1,400 BTC, is unimaginable. Storing your cryptocurrency on a hardware wallet is still the most secure way to keep your digital assets safe. That being said, it is the responsibility of the end user to make sure that they have taken all the steps necessary to protect their investments.
The lesson to be learned here is to always keep your hardware wallet updated with the latest security patches from the manufacturer. Any apps, software and firmware updates should never be sideloaded or downloaded from a 3rd party. If you own a CoolWallet S, here are some tips to even further secure your crypto. Stay safe out there, friends.