Dashjr reported that his wallet had four outgoing transactions on December 31st, totaling over 200 BTC, with an estimated loss of assets worth $3.3 million at current market prices. Dashjr did not specify how the attackers gained access to his PGP keys.
How Did the PGP Key Compromise Occur?
While the exact cause of the PGP key compromise is not yet confirmed, some speculate that a server used by Dashjr may have been accessed to steal data, including private keys to his bitcoin wallet. In November, Dashjr reported that his server had been compromised.
Another possibility is a supply chain attack, which occurs when a hacker injects malicious code into a system by modifying software. The hacker gained access to Dashjr's server using a compromised PGP key and later extracted the private key to his hot wallet connected to the server. However, a formal investigation has yet to confirm this.
Community Reaction to the Hack
The incident has attracted significant attention in the Bitcoin community. Binance CEO Changpeng Zhao stated that his team was monitoring the hacked assets and would freeze them if they were sent to the centralized exchange. The pseudonymous developer of Yearn Finance, Banteg, commented on Twitter that the incident might be a potential supply chain attack.
