from the Sitting-on-the-beach,-earning-20%? dept.
Following on from an earlier story about the Canadian Crypto exchange whose owner died under suspicious circumstances with the keys to $137m of customers' assets, Business Insider Australia reports that some progress has been made[*] Spoiler alert: the funds are all gone.
The case has sparked numerous theories, including that he faked his own death and ran off with the cash.
However, court-appointed auditor Ernst & Young was able to crack Cotten's laptop. What they found, according to an EY report dated March 1, the accounts had been emptied in April 2018, eight months before his death.[*]
[* Ed.'s Update/Correction -- FP]
[...] A court-appointed auditor, Ernst & Young, has secured Cotten’s laptop, home computer, USB keys and home computer. Using public blockchain records, it determined the digital wallets thought to contain millions were emptied in April, eight months before his death [...]
I'm shocked, I tell you. Shocked.
Related Stories
Arthur T Knackerbracket has found the following story:
A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers' assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53 million because it's tied up in disputes with third parties.
The dramatic misstep was reported in a sworn affidavit that was obtained by CoinDesk. The affidavit was filed Thursday by Jennifer Robertson, widow of QuadrigaCX's sole director and officer Gerry Cotten. Robertson testified that Cotten died of Crohn's disease in India in December at the age of 30.
Following standard security practices by many holders of cryptocurrency, QuadrigaCX stored the vast majority of its cryptocurrency holdings in a "cold wallet," meaning a digital wallet that wasn't connected to the Internet. The measure is designed to prevent hacks that regularly drain hot wallets of millions of dollars (Ars has reported on three such thefts here, here, and here.)
Thursday's court filing, however, demonstrates that cold wallets are by no means a surefire way to secure digital coins. Robertson testified that Cotten stored the cold wallet on an encrypted laptop that only he could decrypt. Based on company records, she said the cold wallet stored $180 million in Canadian dollars ($137 million in US dollars), all of which is currently inaccessible to QuadrigaCX and more than 100,000 customers.
"The laptop computer from which Gerry carried out the Companies' business is encrypted, and I do not know the password or recovery key," Robertson wrote. "Despite repeated and diligent searches, I have not been able to find them written down anywhere."
The expert, she added, has already accessed Cotten's personal and work email accounts and is now trying to gain access to an encrypted email account. Cotten also used an encrypted messaging system, but the chances of successfully reading the communications appear dim because, the expert has reported, "messages would disappear from the encrypted messaging system after a short period."
-- submitted from IRC
A group of aggrieved crypto-coin investors want to exhume the corpse of a digital money exchange boss in a bid to find their missing millions.
Lawyers representing the out-of-pocket Quadriga CX punters have filed a request [PDF] to the Royal Canadian Mounted Police to dig up and examine the body of Gerald Cotten, the deceased CEO of the now-defunct exchange.
In the letter, attorneys from law firm Miller Thomson ask that a detailed autopsy be performed in order to determine the exact cause of death for Cotten, who is interred at a cemetery in Halifax, Nova Scotia.
[...] Cotten is the exec who singlehandedly caused the crash of the Quadriga CX exchange late last year when, while apparently traveling in India, he was said to have died of complications related to Crohn's disease.
How? He apparently had the only copy of the passwords for the wallets where the funds (about $190 million) were held. That was the end for the Quadriga CX exchange. It was later discovered that Cotten had already drained the wallets to personal accounts. Given the circumstances of the death and the handling of the funds, there is a question that the death might have been faked.
It is hoped the exhumation and autopsy will clearly identify the body as actually being that of Cotten and thus end speculations of a possible ruse.
Previously:
Laptop of Crypto-Exchange Owner who Died with Keys to $137m Finally Cracked
Digital Exchange Loses $137M as Founder Takes Passwords to the Grave
Source: https://www.theregister.co.uk/2019/12/16/dead_coin_exec_exhumation/
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @02:27AM (4 children)
An Agency other than the NSA is able to crack encryption!
(Score: 2) by janrinok on Thursday March 07 2019, @07:34AM (3 children)
Australia is part of the Five-Eyes organisation. If one member can crack the code, they will probably all be able to crack the code.
(Score: 2) by pkrasimirov on Thursday March 07 2019, @12:22PM (2 children)
Do you think? Naah, more like Code Cracking as a Service, that's the new beat. CCaaS, now with Standard and Premium subscriptions! Give us the toy and we unlock it for you, trust us, it's ok.
(Score: 2) by kazzie on Thursday March 07 2019, @04:01PM
Of course, if they can't unlock it, it's Futile Code Cracking as a Service. So you give the FuCCaaS your money, and they take it and leave.
(Score: 2) by bob_super on Thursday March 07 2019, @07:20PM
Rooting As a Service, Cracking As a Service ... We've all known for a while that it's only a matter of frequency and latency.
(Score: 2) by MostCynical on Thursday March 07 2019, @02:35AM (9 children)
Did he take the money and run, or did someone else take the money, so he had to hide?
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by c0lo on Thursday March 07 2019, @02:55AM (4 children)
His widow had sworn he died of guts inflammation in India [soylentnews.org].
Now, it may have been Crohn's_disease [wikipedia.org] indeed but I reckon many substances could mimic that.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @03:09AM (2 children)
A $1,000 is the right substance to certify death and cremation.
(Score: 2) by c0lo on Thursday March 07 2019, @03:53AM
The right dose, yes.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 1) by khallow on Thursday March 07 2019, @04:39AM
(Score: 3, Interesting) by Anonymous Coward on Thursday March 07 2019, @04:15AM
Ah yes, India, pretty much the perfect place to pretend to be dead [indiatimes.com].
(Score: 2, Insightful) by Anonymous Coward on Thursday March 07 2019, @03:06AM (3 children)
No matter what the answer to that is, yet another exchange's money is stolen. People should stop using those unregulated, uninsured exchanges. Isn't it amazing that people, who were trying to build a currency that frees them from the society, are carrying their monies to exchanges that are set up by the shadier members of the society?
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @03:11AM
It is still better than dealing with the kyc (or whatever) rules, the site getting hacked, and then getting your identity stolen for most people. Also, corporations are way more scammy than the "shadier members of society" you refer to.
(Score: 3, Funny) by Anonymous Coward on Thursday March 07 2019, @04:28AM
You ever met someone who works on Wall Street? You'd be better off wearing a fava bean necklace to a Chianti party.
(Score: 1) by khallow on Thursday March 07 2019, @03:19PM
Why? It's not like it's relevant to society whether a small portion is taking such risks. My view is that unregulated markets serve a number of vital roles in society. First, here as a lesson to the rest of us. One can't begin to accurately describe fraud without examples of it. Such unregulated markets are likely to be the first places for sophisticated new scams and deception techniques to be employed. Second, it allows us to rout around damage. For example, if a country screws up its currency with hyperinflation, then cryptocurrencies become a handy backup to enable trade to continue.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @02:41AM (4 children)
They could have been moved to a new cold wallet based on this.
(Score: 3, Informative) by JoeMerchant on Thursday March 07 2019, @02:53AM (3 children)
If the laptop held the coins' private keys, the only way to move them out to another cold wallet would be to record the exchange on the public blockchain.
🌻🌻 [google.com]
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @03:08AM (2 children)
Yep, what is your point?
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @04:30AM (1 child)
I think his point is that there would be a trace of where they went in that pesky blockchain.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @05:01AM
Yep. So what does that show? It isn't hard to take a look...
(Score: 4, Interesting) by SomeGuy on Thursday March 07 2019, @02:53AM (15 children)
So how exactly did they "crack" it. If they guessed the password was 12345 because it was the same as on his luggage, that is not exactly cracking.
If they cracked the encryption, then either the encryption was crap, or we live in a TV show were some punk tech can crack or hack the most secure systems in a mater of minutes.
[Presses player Eject button]
(Score: 2) by hemocyanin on Thursday March 07 2019, @03:08AM (2 children)
Yes -- some details on how the laptop was encrypted and how they cracked it would be useful info.
(Score: 1, Insightful) by Anonymous Coward on Thursday March 07 2019, @03:12AM (1 child)
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @04:09PM
NTLM? Do you even know what that means?
I'm pretty sure it's not relevant and turned off by default these days.
(Score: 2) by aristarchus on Thursday March 07 2019, @03:11AM (4 children)
Sometimes, cracking is not all it is cracked up to be, as in even the smartest people can have the most stupid passwords. Take, for instance, the President of Druidia! ("I told you never to call me on this wall phone!")
(Score: 2, Informative) by Anonymous Coward on Thursday March 07 2019, @04:46AM (3 children)
t. ironic geek
Druidia is a monarchy; Skroob was president of Planet Spaceball.
(Score: 2) by aristarchus on Thursday March 07 2019, @06:02AM (2 children)
Oh, Shit! Mea culpa! Mea culpa! Or, in non-latin, "My bad".
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @06:50AM (1 child)
Actually it’s mea culpa, mea culpa, mea maxima culpa, said while striking your breast three times.
(Score: 2) by aristarchus on Thursday March 07 2019, @07:12AM
What did I say? Are you a schizomist! Apostate? Magna Cum Laude .44! And Labia Moron, for Tejas!
(Score: 4, Interesting) by julian on Thursday March 07 2019, @04:06AM (4 children)
Yes, I want to know how his laptop was encrypted. My current system is to use LUKS for whole disk encryption. I use a long key that's memorable but unguessable and not possible to be contained in any dictionary file or permutation generator that doesn't regress to being a brute force attack. Then my passwords are stored in an encrypted Keepass database with a different key.
I am as confident as possible that I could lose this laptop anywhere in the world and (as long as it was powered off) the data would never be recovered. A motivated nation-state might be able to find some flaw in both of those crypto systems, but I find that unlikely. It's trivial to calculate [grc.com] that my keys cannot be brute forced with any classical computer that could reasonably be expected to ever be built on Earth. No living person is immune to rubber hose cryptanalysis.
Assuming they didn't just find the key written down somewhere, it was probably Windows 10 with Bitlocker, which in many cases transmits your "backup" key to Microsoft's servers. [thewindowsclub.com]
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @04:34AM
Unguessable, huh? Not in any book or file, huh? Here, hold my beer.
(Score: 2) by hoeferbe on Thursday March 07 2019, @12:45PM (2 children)
The did not crack the laptop. Please see my previous comment [soylentnews.org] about it.
(Score: 2) by julian on Friday March 08 2019, @01:24AM (1 child)
Why are you formatting your posts this way?
(Score: 1) by hoeferbe on Friday March 08 2019, @01:03PM
I got in the habit of linking to the profile of the person to whom I am responding and linking to the parent post to which I am responding, back when there was no "Parent" button. Before then, a reader could not easily see the parent post if it was below their threshold. I wanted to provide a way in which they could.
I guess since there is a Parent button, now, I can stop. I just didn't consider it. 😊
(Score: 5, Informative) by hoeferbe on Thursday March 07 2019, @12:39PM
From the bottom of TFA [businessinsider.com.au]:
SoylentNews Editors, please adjust this article's headline & description!
(Score: 2) by bob_super on Thursday March 07 2019, @07:26PM
> we live in a TV show were some punk tech can crack or hack the most secure systems in a mater of minutes.
You see, all it takes is the right background music, montage of windows opening and closing, and two people using the same keyboard without talking to each other.
No secret can resist that.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @04:10AM
https://www.bbc.com/news/technology-47454528 [bbc.com]
Efforts to recover millions in crypto-cash from the digital wallets of a man who died without revealing passwords to access them have hit a snag. The wallets have been found to be empty.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @04:35AM (1 child)
anyone got a photo of this "dead" character in case any of us run into him?
(Score: -1, Troll) by Anonymous Coward on Thursday March 07 2019, @05:05AM
https://i.ibb.co/N2KJ0rp/crypto-Master-Pic.jpg [i.ibb.co]
(Score: 2) by mendax on Thursday March 07 2019, @05:16AM (2 children)
The money is gone and the man responsible for it is dead. Is it just me or do others see a connection? If someone stole that kind of money from me his life wouldn't be worth much in my eyes.
It's really quite a simple choice: Life, Death, or Los Angeles.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @02:46PM
But you as a simple buttcoin nerd could not do anything about it but a DPResque comic attempt at hiring a hitman.
It would be interesting if hardcore criminals had stored their loot on an external wallet, in that case Jerry Cotton may be dying again soon.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @05:45PM
Yes I do. I think he faked his own death and is currently rolling around in it naked like Scrooge McDuck.
Well, tough guy, how did someone convince him to go to some remote part of India? Wouldn't it have been easier to seek revenge right here in the good old USA? Justice is more expensive in the US but it can still be bought if you have the means.
However, if you want to vanish amid the chaos that is India's local corruption practices, you can certainly buy a death certificate and a can of ashes for less than a plane ticket home.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @05:27AM
E&Y couldn't tell their ass from their nose. Stop posting "Enquirers wanna know" BS.
"$137m" my ass.
(Score: 0) by Anonymous Coward on Saturday March 09 2019, @01:54AM
'tt' is a common way of representing 'H'
'Cotten' is not a common spelling
'Cotton' IS the common spelling
'Cotten's REAL last name, I'll wager, is 'CoHen'
Read between the lines - you've been Jew'd