Bo Shen Hacked on Trust Wallet

In my opinion, both custodial and non-custodial accounts lose about 5% each year due to criminal attacks or mishandling. The problem is always people messing it up, but the reasoning and the mechanisms are different.

With custodial accounts, everyone is completely relying on the banks, which are just a group of people. The advantage of central banking is that if something happens, they can usually just take your money back for you. Identity theft, fraud, and different kinds of hacking are common, so you just hope that the bank is competent enough to ward off threats and not lose all the money like Sam Bankman-Fried at FTX.

At least with crypto hardware wallets, if you do it correctly, it is mathematically certain that the account security is unhackable. There’s still a variety of things you can do to compromise the wallet or recovery phrase, just like being your own personal bank, but at least you are not entirely dependent on a group of bankers. The infrastructure to be your own bank is an incredibly powerful technology. The common issue I see preventing people from using hardware wallets is that it’s just annoying to have another device, which is why I assume Bo Shen and most people don’t use one.

Bo Shen, an exec from early crypto investment firm Fenbushi (founded in Shanghai, but he says he lives in Atlanta), was hacked for $42M from a Binance-owned software wallet called Trust Wallet. The cybersecurity firm SlowMist says the hacker obtained Shen’s recovery phrase, so the hacker must have stolen it off his device, maybe directly from the software wallet. This is only possible if the data is stored locally on an internet-connected device. The advantage of a hardware wallet, like Ledger Nano X, is that this information is kept off of your internet-connected phone or computer so it cannot be accessed online.

Shen was holding $38M of the total in USDC, which is a centralized stablecoin asset. Those stablecoins (USDT Tether or USDC) are just US dollars on the blockchain that banks can destroy or print at any moment. Bo Shen probably had some confidence that USDC’s supporting corporation Circle (Series D investment by Fenbushi) would be able to help him if they were stolen, but the hacker immediately sold everything for decentralized assets, namely DAI. This hack was 2 weeks ago and Shen just posted publicly yesterday, Nov. 22, so it’s likely he didn’t notice for a while. This is apparently the second time Bo Shen has been hacked from a crypto wallet. The first time, Shen was a victim of a social engineering attack on his email and phone, very comparable to the recent hack. He lost at least $300k in Augur and Ethereum on that first hack.

Obviously the moral of this story is to use hardware wallets, but the efficacy of custodial accounts and non-custodial wallets is still up for debate. To hedge these systemic risks, you should probably use both.

 

Bo Shen’s empty wallet

https://etherscan.io/address/0x6be85603322df6dc66163ef5f82a9c6ffbc5e894#tokentxns

Hacker’s account associated with the hack/phishing

https://etherscan.io/address/0x24b93eed37e6ffe948a9bdf365d750b52adcbc2e#tokentxns 

Hacker’s trading account

https://etherscan.io/address/0x775c559d9a48ce5a8444c1035c3a8921ab477b8e#tokentxns 

Hacker’s vault account with $38M DAI

https://etherscan.io/address/0x66f62574ab04989737228d18c3624f7fc1edae14 
