Nearly $1 billion in bitcoin has been emptied from a mysterious wallet that has been dormant since 2015.
The haul of slightly more than 69,369 BTC—worth about $975 million at the time this post went live—was withdrawn in the past 24 hours, the bitcoin ledger shows. Alon Gal, co-founder and CTO of security firm Hudson Rock, was among the first—if not the first—to report the transaction.
“UNBELIEVABLE,” he wrote. “Someone was able to crack the password of the bitcoin wallet I reported on only a short time ago and spend the $1,000,000,000 that was inside it!” Gal went on to say that it wasn’t clear if the person responsible was the original wallet owner or someone who pulled off the unlikely feat of cracking the password.
It was either the person who cracked the password or the original owner who may have noticed the recent articles about his wallet being circulated among hackers.
The wallet was considered “dormant” since 2013.
Either way this is pretty interesting.
— Alon Gal (Under the Breach) (@UnderTheBreach) November 3, 2020
Tom Robinson, co-founder and chief scientist of blockchain analysis firm Elliptic, said on Twitter that the bitcoin wallet is the world’s fourth largest. He said he believed the funds came from sales on Silk Road, the underground market that peddled drugs, murder-for-hire, and other illicit goods and services before being brought down in 2013. Elliptic published this blog post earlier on Wednesday.
When the BTC moved out of Silk Road in 2013, Robinson said, they were worth roughly $350,000. In the intervening years, the exploding price of bitcoin saw their value soar to more than $955 million and beyond. The account has remained dormant since 2015, when someone transferred 101 BTC into BTC-e, a bitcoin exchange whose founder was arrested in 2017 on allegations that he committed $4 billion worth of bitcoin laundering.
The person or party who withdrew the windfall remains a mystery. It’s possible that it was either someone connected to Silk Road founder Ross Ulbricht or one of the many sellers who used the online crime bazar. But there’s another possibility: an article published two months ago by Vice said that hackers had been trading the encrypted wallet on forums and underground marketplaces in hopes of recovering the cryptocurrency, which at the time was worth about $690 million.
The chances of successfully cracking the password that unlocked the wallet was widely viewed as a long shot. Passwords are generally long, and the encryption involved—a combination of AES-256-CBC and SHA-512—is extremely slow to process. What’s more, it was never certain that the wallet.dat file that was passed around was the real bitcoin wallet or a forgery.
For the moment, the quasi-anonymous nature of bitcoin transactions is concealing the identity of the person or party who withdrew almost $1 billion worth of digital currency. Given the interest of law enforcement and the advances made in cryptocurrency forensics, you can bet people are working hard to solve this mystery.