Casa Blog - Bitcoin Security Made Easy

New players have entered the game. This week, we're sharing some crucial guidance to help you protect your bitcoin from sophisticated robbers. Also, payouts from a defunct exchange have surfaced at long last. Let's dive in into this week's briefing.


Jameson's take: A bitcoiner's guide to organized guide

crime-board-string-pegs

When the leader of a ruthless gang of extortionists was convicted last week, it represented a critical new threat to bitcoin HODLers: organized crime.

Didn't hear what happened? Wired published an in-depth feature about the crime spree based on court documents, evidence screenshots, and analysis from Jameson.

These events are just the latest data point in an important trend we've observed. Physical attacks appear to be on the rise, given that bitcoin has grown into a trillion-dollar network and earned the attention of all walks of life.

Going forward, the known presence of criminal enterprises has implications for your security model. Criminal activity looks a lot different when it's perpetrated by a professional, rather than an amateur. It's much less sloppy. What might otherwise be a crime of opportunity changes into a crime of forethought and careful consideration.

How can you protect yourself from well-organized adversaries? Jameson shared some guidance in the below article.

A bitcoiner’s guide to organized crime
Organized crime rings are targeting crypto holders. How can you protect yourself from becoming a target?

Long-bankrupt exchange Mt. Gox begins payouts of bitcoin and bitcoin cash

piggy-bank-on-beach

So much for summertime sadness. It appears the wait is finally over for some Mt. Gox creditors. The bankrupt exchange finally began issuing repayments of bitcoin and bitcoin cash to creditors after a decade-long wait.

The exchange folded in 2014 following a major hack in which hackers drained 640,000 BTC over several years. Since then, creditors have waited for their claims to be processed.

Not all claims are being paid right away, and it sounds like this process will continue all summer long. In a statement, Mt. Gox asked other eligible creditors "to wait for a while." The timeframe is expected to be up to 90 days, CoinDesk reported.

Mt. Gox was the OG bitcoin exchange failure. The company handled as much as 75% of bitcoin trades at its peak. The repayments represent a portion of bitcoin supply that has been dormant for years. Mt. Gox had transferred close to 142,000 BTC on-chain back in May, which is more than 1% of all bitcoin that even existed in 2014.

🔑 Key Insight: We're glad to see Mt. Gox creditors get some of their assets over all these years, but this remains a cautionary tale. Creditors are receiving only 21% of the holdings they had with the exchange in 2014. Read a recap of the saga in this X thread from Casa CEO Nick Neuman.


Hackers accessed phone numbers of 2FA app Authy users

sim-card-in-fingers

More phone numbers are on the loose. Hackers identified user phone numbers for the two-factor authentication app Authy.

The news comes days after a hacker posted on a forum that they had obtained 33 million phone numbers. Twilio, the parent company behind Authy, confirmed it "detected that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint."

"As a precaution, we are requesting all Authy users to update to the latest Android and iOS apps for the latest security updates and encourage all Authy users to stay diligent and have heightened awareness around phishing and smishing attacks," a Twilio spokesperson told TechCrunch.

🔑 Key Insight: Why is it a big deal when a hacker gets your phone number? They can use social engineering or collaborate with rogue carrier employees to target you in a SIM swap, steal your number, and bypass text-based 2FA. If you haven't done so already, consider locking your number down with a secure provider such like Efani or Cloaked Wireless.


⌛Blast from the past: Was Satoshi a poker player? The original bitcoin source code contained strings from what appeared to be from an unfinished poker game. Some speculate they were building a game while others maintain they could have simply been experimenting with how to build a feature.


Stay ahead of emerging security threats

Our Casa Security Briefing provides weekly updates about privacy, security, and other bitcoin news. Sign up below to receive future editions.