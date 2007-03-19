from the Sitting-on-the-beach,-earning-20%? dept.
Following on from an earlier story about the Canadian Crypto exchange whose owner died under suspicious circumstances with the keys to $137m of customers' assets, Business Insider Australia reports that the laptop containing the keys to the funds has now been cracked. Spoiler alert: the funds are all gone.
The case has sparked numerous theories, including that he faked his own death and ran off with the cash. However, court-appointed auditor Ernst & Young was able to crack Cotten's laptop. What they found, according to an EY report dated March 1, the accounts had been emptied in April 2018, eight months before his death.
I'm shocked, I tell you. Shocked.
Arthur T Knackerbracket has found the following story:
A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers' assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53 million because it's tied up in disputes with third parties.
The dramatic misstep was reported in a sworn affidavit that was obtained by CoinDesk. The affidavit was filed Thursday by Jennifer Robertson, widow of QuadrigaCX's sole director and officer Gerry Cotten. Robertson testified that Cotten died of Crohn's disease in India in December at the age of 30.
Following standard security practices by many holders of cryptocurrency, QuadrigaCX stored the vast majority of its cryptocurrency holdings in a "cold wallet," meaning a digital wallet that wasn't connected to the Internet. The measure is designed to prevent hacks that regularly drain hot wallets of millions of dollars (Ars has reported on three such thefts here, here, and here.)
Thursday's court filing, however, demonstrates that cold wallets are by no means a surefire way to secure digital coins. Robertson testified that Cotten stored the cold wallet on an encrypted laptop that only he could decrypt. Based on company records, she said the cold wallet stored $180 million in Canadian dollars ($137 million in US dollars), all of which is currently inaccessible to QuadrigaCX and more than 100,000 customers.
"The laptop computer from which Gerry carried out the Companies' business is encrypted, and I do not know the password or recovery key," Robertson wrote. "Despite repeated and diligent searches, I have not been able to find them written down anywhere."
The expert, she added, has already accessed Cotten's personal and work email accounts and is now trying to gain access to an encrypted email account. Cotten also used an encrypted messaging system, but the chances of successfully reading the communications appear dim because, the expert has reported, "messages would disappear from the encrypted messaging system after a short period."
-- submitted from IRC
(Score: 0) by Anonymous Coward on Thursday March 07, @02:27AM (1 child)
An Agency other than the NSA is able to crack encryption!
(Score: 2) by janrinok on Thursday March 07, @07:34AM
Australia is part of the Five-Eyes organisation. If one member can crack the code, they will probably all be able to crack the code.
It's always my fault...
(Score: 2) by MostCynical on Thursday March 07, @02:35AM (8 children)
Did he take the money and run, or did someone else take the money, so he had to hide?
tau = 300. Greek circles must have been weird.
(Score: 2) by c0lo on Thursday March 07, @02:55AM (4 children)
His widow had sworn he died of guts inflammation in India [soylentnews.org].
Now, it may have been Crohn's_disease [wikipedia.org] indeed but I reckon many substances could mimic that.
(Score: 0) by Anonymous Coward on Thursday March 07, @03:09AM (2 children)
A $1,000 is the right substance to certify death and cremation.
(Score: 2) by c0lo on Thursday March 07, @03:53AM
The right dose, yes.
(Score: 1) by khallow on Thursday March 07, @04:39AM
(Score: 1, Interesting) by Anonymous Coward on Thursday March 07, @04:15AM
Ah yes, India, pretty much the perfect place to pretend to be dead [indiatimes.com].
(Score: 1, Insightful) by Anonymous Coward on Thursday March 07, @03:06AM (2 children)
No matter what the answer to that is, yet another exchange's money is stolen. People should stop using those unregulated, uninsured exchanges. Isn't it amazing that people, who were trying to build a currency that frees them from the society, are carrying their monies to exchanges that are set up by the shadier members of the society?
(Score: 0) by Anonymous Coward on Thursday March 07, @03:11AM
It is still better than dealing with the kyc (or whatever) rules, the site getting hacked, and then getting your identity stolen for most people. Also, corporations are way more scammy than the "shadier members of society" you refer to.
(Score: 2, Funny) by Anonymous Coward on Thursday March 07, @04:28AM
You ever met someone who works on Wall Street? You'd be better off wearing a fava bean necklace to a Chianti party.
(Score: 0) by Anonymous Coward on Thursday March 07, @02:41AM (4 children)
They could have been moved to a new cold wallet based on this.
(Score: 3, Informative) by JoeMerchant on Thursday March 07, @02:53AM (3 children)
If the laptop held the coins' private keys, the only way to move them out to another cold wallet would be to record the exchange on the public blockchain.
(Score: 0) by Anonymous Coward on Thursday March 07, @03:08AM (2 children)
Yep, what is your point?
(Score: 0) by Anonymous Coward on Thursday March 07, @04:30AM (1 child)
I think his point is that there would be a trace of where they went in that pesky blockchain.
(Score: 0) by Anonymous Coward on Thursday March 07, @05:01AM
Yep. So what does that show? It isn't hard to take a look...
(Score: 4, Interesting) by SomeGuy on Thursday March 07, @02:53AM (9 children)
So how exactly did they "crack" it. If they guessed the password was 12345 because it was the same as on his luggage, that is not exactly cracking.
If they cracked the encryption, then either the encryption was crap, or we live in a TV show were some punk tech can crack or hack the most secure systems in a mater of minutes.
[Presses player Eject button]
(Score: 2) by hemocyanin on Thursday March 07, @03:08AM (1 child)
Yes -- some details on how the laptop was encrypted and how they cracked it would be useful info.
(Score: 1, Insightful) by Anonymous Coward on Thursday March 07, @03:12AM
(Score: 2) by aristarchus on Thursday March 07, @03:11AM (4 children)
Sometimes, cracking is not all it is cracked up to be, as in even the smartest people can have the most stupid passwords. Take, for instance, the President of Druidia! ("I told you never to call me on this wall phone!")
[21:17:40]mprg: I created the love and the hate within I too? [21:17:49]mprg: I created aristarchus?!?! #editorial
(Score: 1, Informative) by Anonymous Coward on Thursday March 07, @04:46AM (3 children)
t. ironic geek
Druidia is a monarchy; Skroob was president of Planet Spaceball.
(Score: 2) by aristarchus on Thursday March 07, @06:02AM (2 children)
Oh, Shit! Mea culpa! Mea culpa! Or, in non-latin, "My bad".
(Score: 2) by aristarchus on Thursday March 07, @06:02AM (2 children)

Oh, Shit! Mea culpa! Mea culpa! Or, in non-latin, "My bad".
(Score: 0) by Anonymous Coward on Thursday March 07, @06:50AM (1 child)
Actually it’s mea culpa, mea culpa, mea maxima culpa, said while striking your breast three times.
(Score: 2) by aristarchus on Thursday March 07, @07:12AM
What did I say? Are you a schizomist! Apostate? Magna Cum Laude .44! And Labia Moron, for Tejas!
(Score: 2) by aristarchus on Thursday March 07, @07:12AM

What did I say? Are you a schizomist! Apostate? Magna Cum Laude .44! And Labia Moron, for Tejas!
(Score: 3, Interesting) by julian on Thursday March 07, @04:06AM (1 child)
Yes, I want to know how his laptop was encrypted. My current system is to use LUKS for whole disk encryption. I use a long key that's memorable but unguessable and not possible to be contained in any dictionary file or permutation generator that doesn't regress to being a brute force attack. Then my passwords are stored in an encrypted Keepass database with a different key.
I am as confident as possible that I could lose this laptop anywhere in the world and (as long as it was powered off) the data would never be recovered. A motivated nation-state might be able to find some flaw in both of those crypto systems, but I find that unlikely. It's trivial to calculate [grc.com] that my keys cannot be brute forced with any classical computer that could reasonably be expected to ever be built on Earth. No living person is immune to rubber hose cryptanalysis.
Assuming they didn't just find the key written down somewhere, it was probably Windows 10 with Bitlocker, which in many cases transmits your "backup" key to Microsoft's servers. [thewindowsclub.com]
Yang2020 [yang2020.com]
(Score: 0) by Anonymous Coward on Thursday March 07, @04:34AM
Unguessable, huh? Not in any book or file, huh? Here, hold my beer.
(Score: 0) by Anonymous Coward on Thursday March 07, @04:10AM
https://www.bbc.com/news/technology-47454528 [bbc.com]
Efforts to recover millions in crypto-cash from the digital wallets of a man who died without revealing passwords to access them have hit a snag. The wallets have been found to be empty.
(Score: 0) by Anonymous Coward on Thursday March 07, @04:35AM (1 child)
anyone got a photo of this "dead" character in case any of us run into him?
(Score: 0) by Anonymous Coward on Thursday March 07, @05:05AM
https://i.ibb.co/N2KJ0rp/crypto-Master-Pic.jpg [i.ibb.co]
(Score: 2) by mendax on Thursday March 07, @05:16AM
The money is gone and the man responsible for it is dead. Is it just me or do others see a connection? If someone stole that kind of money from me his life wouldn't be worth much in my eyes.
It's really quite a simple choice: Life, Death, or Los Angeles.
(Score: 0) by Anonymous Coward on Thursday March 07, @05:27AM
E&Y couldn't tell their ass from their nose. Stop posting "Enquirers wanna know" BS.
"$137m" my ass.