How does it feel when you lost your hard-earned money with your own mistake? Isn’t it painful! Monty Munford, a tech journalist shared his story of how he lost £25,000 after storing the private key of his crypto wallet on his Gmail draft.
Why Should You Not Store Your Private Key Online?
Though Munford made his investment in Bitcoin and Ethereum in the middle of 2017, he says that his interest to invest in the crypto industry was on the peak when Bitcoin was skyrocketing in late 2017. He says, with a rise of more than 100,000% in seven years, “My curiosity got the better of me”. In fact, he began believing this investment as his long-term plan and even though it as a nest egg for a pension.
With a lot of research, Munford found two options to store cryptocurrency, one a crypto exchange and another an encrypted digital storage wallet. As the exchange-hack scene is quite common in the crypto industry, Munford decides to store his cryptocurrency in a wallet, myetherwallet.com.
He says that, soon after choosing a wallet, he has been provided with two keys, one is a public key that he used to transfer money to his wallet and another is the private key that he used to access his wallet. While writing 40 random numbers of the keys on the paper is the widely-accepted technique in the crypto industry, Munford has chosen to get a print out copy of it. Besides that, he also decided to store it in his Gmail draft to avoid any mistake while using the private key to access the wallet. Munford then deleted his internet history to ensure he keeps extra security in place.
The excitement of Munford was flying as the market price of cryptocurrencies reaching the growing graph but in 2018 he couldn’t access to his private key. He says;
I hadn’t used my private key to access my account for some time, Munford explained. But when I tried to do so, I saw with horror that all of my Ethereum – about £25,000’s worth – had already been taken out; the cupboard was bare.
Lesson To Learn From Mistake
While cryptocurrency offers few great features including anonymity and decentralization, it also comes with a risk of losing funds. Unlike bank accounts/ bank transfers where you can have reconciliations following the wrong transfer of funds, transactions in crypto space aren’t reversible. Munford’s amount from his wallet has been abruptly transferred to another private key address. Concerning this, he says, “There seemed to be no-one to complain to”.
However, with intense research and contact with the crypto community, he found that the amount from his wallet has been transferred to Binance crypto exchange and getting information from Binance was a Kafkaesque nightmare, he said. Munford later reached out to Action Fraud to file a complaint but no required information was received. After the six months of his continuous effort, he later contacted US bounty-hunters CipherBlade who work with FBI to track thieves in return of bounty commission.
They discovered that my money had been deposited by the thief (or thieves) in a “consolidation wallet” then divided up into chunks and sent to four different deposit addresses on the Binance exchange.
On his behalf, the firm received a handful of information from Binance within a week and states that the IP address denotes a telecom company in the Netherlands. However, the information didn’t provide personal identities of the thieves and his money remains stolen. Following this whole scenario, he said;
Of course, I should never have stored my password anywhere on my computer. Malware can scan keystroke movements and sniff out a private key – even if, as I had done, you chop it up into separate blocks and store it in different places.
Conclusively he urged to learn a lesson from his mistake and notes that;
So I’m left with my fingers burned, feeling like I wandered into a savage bazaar where criminals can pick your pocket at will. And get away with it.
Image Source – Medium.com