7 Scariest Bitcoin Horror Stories (And What They Teach Us About Bitcoin Security)

By Cam / October 29, 2017
bitcoin horror stories

One of the most revolutionary things about Bitcoin is that it allows you to be your own bank. But as Uncle Ben wisely pointed out, with great power comes great responsibility. And for many of us password-forgetting, key-losing, sleep-lacking, and generally scatter-brained folk, Bitcoin’s non-reversible, decentralized structure can be a blessing as well as a curse.

‘Cause despite its high-tech nature, Bitcoin is a lot like cash – except we’re usually dealing with larger amounts than we’d ever carry in our everyday cash wallets. And who among us has never absentmindedly handed over two bills instead of one or – gulp – lost a wallet?

The scary truth is that a simple lapse of concentration can lead to losing a whole lot of your precious Bitcoin. And indeed, the history of Bitcoin is full of such horror stories about unfortunate people who lost fortunes due to human error, technical glitches, sheer greed or a combination of all three.

Normally, we’d steer clear of such grim tales but Halloween is just around the corner and there’s nothing quite like the thought of losing a sizable fortune to make your skin crawl with goosebumps. Not to mention- teach some valuable lessons along the way.

So, in the interest of education through entertainment, here are 9 of the scariest Bitcoin horror stories – and what you can learn from them!

Put Your Hands Up and Gimme the Money Bitcoin

Most of the common concerns surrounding Bitcoin security involves protecting yourself against hackers. But as it turns out, the money of the future is still susceptible to much more old school crimes.

Like this real-life mugging that took place a few years ago in Brooklyn.

A 28-year-old Crown Heights man arranged to sell some of his Bitcoin through a Craigslist listing. The deal was supposed to be finalized in a silver Honda but once inside the car, a second man in the backseat whipped out a gun and forced the hopeful seller to transfer the $1,100 of Bitcoin to the two robbers. The thieves then stole the victim’s cell phone as well as fled.

Just goes to show that the more things change, the more they stay the same.

Lesson learned: If you want to buy and sell Bitcoin without a centralized exchange, do the sensible thing and opt for a peer-to-peer exchange that offers escrow protection, like LocalBitcoins and Paxful.

My Phone is Safe, Right?

Like a true citizen of the 21st century, you carry your phone everywhere. So when an exchange asks you to confirm your phone number, you think: This is a convenient extra layer of security, why bother with 2FA?

Because SMS is actually crappy for security. So crappy, in fact, that it’s allowed hackers to steal millions of dollars worth of Bitcoin. Like, in the case of Jered Kenna when hackers faked his identity and transferred his phone number to one in the hacker’s possession, allowing the hacker to reset the password for Kenna’s emails, bank accounts, PayPal account, Bitcoin services as well as his Windows account.

A more recent horror story is shared by Cody Brown, who had $8,000 of Bitcoin stolen from him when hackers did the exact same thing, gaining access to his Verizon Wireless account to reset his Coinbase account password.

The truly terrifying part of these stories is how incredibly easy it is. The hackers in question didn’t need any sophisticated technical skills nor did they need to gain intimate information about the victims. All they needed to takeover victims’ phone numbers was simple billing information. No pin number, no social security number necessary.

Lesson learned: Don’t be fooled into thinking that SMS is an adequate form of two-factor authentication (2FA). It’s not. It’s sorely lacking since hackers can fairly easily gain access to your phone account. Instead, opt for Google Authenticator or Authy for your 2FA. It’s worth the extra minute it takes to set up.

If you never want this to happen to you, then take it a step further and keep your Bitcoins off the exchange(s) you’re using. Transfer at least the bulk of your Bitcoins to cold, offline storage. That way, hackers won’t be able to access the coins. Period.

Shout It From the Rooftops

There are people who did you wrong. People who said you wouldn’t amount to anything. People who mocked your dreams of a Bitcoin revolution. And now that you’re the proud owner of however many Bitcoins you own while Bitcoin is going to the moon, you want to rub it in everyone’s face, to shout from the rooftops a vindicating cry of, “I’m RICH, B*tch!”

Please don’t. In fact, it’d be wise to remain totally mum about the fact that you have Bitcoins in the first place. And that includes to friends, extended family and even those you don’t know, like strangers on the Internet.

‘Cause you never know whose ears are waiting for just this kind of information. Take it from Cody Brown (above), who unwittingly made himself a target after he announced to the world that he owned Bitcoin, resulting in a loss of $8,000 worth Bitcoin (at the time).

As bad as that is, at least no bodily harm came to Cody. Which, unfortunately, wasn’t the case for 22-year-old Şükrü Ersoy, the first man to be murdered for BTC. Investigators believe that the suspects murdered the victim after a fight, when they tried to force him to transfer his BTC to their accounts. Afterwards, the suspects tried to unlock the victim’s mobile phone to get access to Bitcoin. Even more terrifying – one of the suspected murders is said to be a close friend of the victim.

Lesson learned: The first rule of Fight Bitcoin Club is: You do not talk about Fight Bitcoin Club. The second rule of Fight Bitcoin Club is: You DO NOT TALK ABOUT FIGHT BITCOIN CLUB! It’s up to you to keep your Bitcoin safe and a big part of that is to not go bragging about your BTC stash.

Think about it this way: if you decided to stash $xx,xxx under your mattress, would you be willing to risk you and your family’s safety by alerting people to its presence? What if you kept a pile full of gold bars in your garage? You wisely wouldn’t breathe a word. Do the same with your Bitcoin.

Oh, and keep your Bitcoin in an offline, cold wallet. That way, even if random hackers do get ahold of some of your information, they won’t be able to access your Bitcoin.

It’s a Reputable Exchange

“It’s a legit exchange.” “It’s, like, one of the biggest exchanges out there.” All common defenses made by those of us – you know who you are – who can’t be bothered to move the bulk of their Bitcoin out of the exchange and into secure, cold wallets.

These are the very same people who end up holding placards for Bitcoin that are long gone and never to be recovered. Like so:

bitcoin horror stories

Don’t be that guy. Don’t be the guy who trusted that his Bitcoin were safe and secure in a free wallet provided by whatever exchange you’re using. You’re responsible for your own financial security – in fact, if you read through the Terms and Conditions of most of the cryptocurrency exchanges out there, you’ll find that to be true.

Mt. Gox may have been the biggest Bitcoin hack but it certainly wasn’t the only one and if one thing is for sure, it’s that there are plenty of hungry hackers plotting ways to wheedle Bitcoin out of the major exchanges. Don’t leave your coins in that honeypot.

Lesson learned: Exchanges are good for buying and trading – but they’re not the most secure option you have for Bitcoins you want to hold and keep. So transfer your BTC out of whatever exchange you’re using – even if it’s never been hacked and rumored to be super secure – and into an offline, cold wallet.

No Backsies!

They say the very same qualities that initially attracted you to a partner will be the very same qualities that annoy you about them down the line. And it’s not just with partners – it kinda applies to Bitcoin, too.

Take, for example, Bitcoin’s irreversibility. Unlike with credit card charges, PayPal, or even bank deposits – once a Bitcoin transaction is made, there is no ‘oops’, no ‘backsies’, no ‘control-Z’. What’s done is done and that’s that.

Bitcoin advocates applaud this irreversibility as a benefit, since it’s one of the crucial features that allow Bitcoin to remain independent of central authorities. And it’s true, this iron-clad irreversibility is part of what makes Bitcoin independent, secure, and un-hackable.

But it’s also a feature that has resulted in a whole lot of screw-ups. Like this poor guy who accidentally sent Bitcoins to the wrong address. And this newbie who made the same mistake. And this absent-minded soul. As well as countless others who have unwittingly gifted their precious coin to some total stranger.

And of course, there are the folks who sent to the right address…but sent too much. Like this Fiverr user who paid his contractor a tad too much only to find he couldn’t get it back. The most heartbreaking example is of this unnamed person who accidentally got charged $137,000 in miner’s fees while trying to make a $5 transaction.

Of course, there’s happy endings too. Like this redditor who accidentally sent 10x the BTC – only to have it returned to him by the fair-minded recipient. Unfortunately, not everyone is such a gentleman.

Lesson learned: Measure twice, cut once. Check, double check and triple check the address you’re sending Bitcoin to as well as the amount.

Where’d I Put My Keys?

The world of Bitcoin is a harsh one. Not only can you not revoke or take back any transactions after the deal is done, but if you lose your keys – it’s game over. A ‘private key’ is needed to access your digital wallet and your crypto-savings.

So it goes without saying that you really, really need to keep it safe. A private key can be easily used by another user to clean you out if they happen to spy it, or gain access to your computer where you’ve stored important details in your desktop folders named things like “Bitcoin passwords – no steal, pls”.

bitcoin horror stories

But it’s not just lurking hackers that can result in grave mistakes – there’s also plenty of room for human error here. A hugely common mistake is to forget the virtue of pen and paper over digitally stored data. Like in the case of Stefan Thomas, who wisely made three copies of his private keys – on an encrypted USB stick, a Dropbox account, and a virtual machine – and then promptly lost them all.

But then again, a pen and paper aren’t infallible, as evidenced by the more recent case of almost losing $30,000 worth of Bitcoin due to a lost PIN.

In short: You lose the key, you lose the funds. So keep it safe.

Lesson learned: Write them down, store them somewhere safe. Get your keys tattooed on a difficult part of your body if you must. Whatever it takes to keep that information private, but safe.

The Heart-Breaking Tale of James Howells

One of the biggest tips for newcomers to Bitcoin is to constantly back up your data – I’m aware that that’s a general rule for working with computers in any capacity, but when you’re literally sinking your money into digital data, you want to make sure that information’s going nowhere.

Unfortunately, James Howells was burned by his own efficiency. His case was so upsetting that even the BBC covered it with aplomb.

James Howells was doing some house cleaning one day and found an old hard-drive in a drawer, which he thought had been wiped clean, literally, after he dismantled a computer on which he’d spilled a drink. Thinking nothing of it, he chucked the hard drive away.

The big mistake? It still contained the private key to 7,500 Bitcoin. That’s over £4 million worth of data. That poor, poor man.

Lesson learned: For the love of God, back up your private key. Again, keep your Bitcoin in offline, cold storage wallets. That one act alone prevents a whole lot of Bitcoin horror stories from happening.

Click here to add a comment

Leave a comment: