Laptop of Crypto-Exchange Owner who Died with Keys to $137m Finally Cracked

posted by martyb on Thursday March 07, @02:19AM   Printer-friendly
from the Sitting-on-the-beach,-earning-20%? dept.
Mykl writes:

Following on from an earlier story about the Canadian Crypto exchange whose owner died under suspicious circumstances with the keys to $137m of customers' assets, Business Insider Australia reports that the laptop containing the keys to the funds has now been cracked. Spoiler alert: the funds are all gone.

The case has sparked numerous theories, including that he faked his own death and ran off with the cash. However, court-appointed auditor Ernst & Young was able to crack Cotten’s laptop. What they found, according to an EY report dated March 1, the accounts had been emptied in April 2018, eight months before his death.

I'm shocked, I tell you. Shocked.

Digital Exchange Loses $137M as Founder Takes Passwords to the Grave 57 comments

"exec" writes:

Arthur T Knackerbracket has found the following story:

A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers' assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53 million because it's tied up in disputes with third parties.

The dramatic misstep was reported in a sworn affidavit that was obtained by CoinDesk. The affidavit was filed Thursday by Jennifer Robertson, widow of QuadrigaCX's sole director and officer Gerry Cotten. Robertson testified that Cotten died of Crohn's disease in India in December at the age of 30.

Following standard security practices by many holders of cryptocurrency, QuadrigaCX stored the vast majority of its cryptocurrency holdings in a "cold wallet," meaning a digital wallet that wasn't connected to the Internet. The measure is designed to prevent hacks that regularly drain hot wallets of millions of dollars (Ars has reported on three such thefts here, here, and here.)

Thursday's court filing, however, demonstrates that cold wallets are by no means a surefire way to secure digital coins. Robertson testified that Cotten stored the cold wallet on an encrypted laptop that only he could decrypt. Based on company records, she said the cold wallet stored $180 million in Canadian dollars ($137 million in US dollars), all of which is currently inaccessible to QuadrigaCX and more than 100,000 customers.

"The laptop computer from which Gerry carried out the Companies' business is encrypted, and I do not know the password or recovery key," Robertson wrote. "Despite repeated and diligent searches, I have not been able to find them written down anywhere."

The expert, she added, has already accessed Cotten's personal and work email accounts and is now trying to gain access to an encrypted email account. Cotten also used an encrypted messaging system, but the chances of successfully reading the communications appear dim because, the expert has reported, "messages would disappear from the encrypted messaging system after a short period."

-- submitted from IRC

Original Submission

  • (Score: 0) by Anonymous Coward on Thursday March 07, @02:27AM

    by Anonymous Coward on Thursday March 07, @02:27AM (#810978)

    An Agency other than the NSA is able to crack encryption!

  • (Score: 2) by MostCynical on Thursday March 07, @02:35AM (1 child)

    by MostCynical (2589) on Thursday March 07, @02:35AM (#810980)

    Did he take the money and run, or did someone else take the money, so he had to hide?

  • (Score: 0) by Anonymous Coward on Thursday March 07, @02:41AM (1 child)

    by Anonymous Coward on Thursday March 07, @02:41AM (#810981)

    From April 2014 to approximately April 2018, aggregate bitcoin month end balances
    in the Identified Bitcoin Cold Wallets ranged from a low of nil to a peak of
    approximately 2,776 bitcoin. The average aggregate month end balance over the
    four-year period was approximately 124 bitcoin. In April 2018, the remaining bitcoin
    in the Identified Bitcoin Cold Wallets was transferred out bringing the balances down
    to nil. Other than the Sixth Wallet, there have been no deposits into the Identified
    Bitcoin Cold Wallets since April 2018 except for the inadvertent transfer of bitcoin
    by the Applicants as disclosed in the First Report.

    They could have been moved to a new cold wallet based on this.

    • (Score: 2) by JoeMerchant on Thursday March 07, @02:53AM

      by JoeMerchant (3937) on Thursday March 07, @02:53AM (#810983)

      They could have been moved to a new cold wallet based on this.

      If the laptop held the coins' private keys, the only way to move them out to another cold wallet would be to record the exchange on the public blockchain.

  • (Score: 2) by SomeGuy on Thursday March 07, @02:53AM

    by SomeGuy (5632) on Thursday March 07, @02:53AM (#810982)

    So how exactly did they "crack" it. If they guessed the password was 12345 because it was the same as on his luggage, that is not exactly cracking.

    If they cracked the encryption, then either the encryption was crap, or we live in a TV show were some punk tech can crack or hack the most secure systems in a mater of minutes.

    [Presses player Eject button]

