Slashdot Mirror

← Back to Stories (view on slashdot.org)

Where Did WikiLeaks' $25 Million Bitcoin Fortune Go? (thedailybeast.com)

Posted by msmash on from the where's-your-bitcoin,-dude dept.

Everyone from early investors to cybercriminals has benefited from the huge spike in the value of bitcoin in the past few weeks. It's a boon for one other outfit that has likely racked up tens of millions of dollars' worth of the cryptocurrency: WikiLeaks. Joseph Cox, reporting for The Daily Beast: The transparency organization may be sitting on a stockpile of bitcoin valued at around $25 million, and has likely exchanged several other large cryptocurrency caches for fiat cash, according to two sources who independently analyzed WikiLeaks's bitcoin transactions. "Last wallet looks like his piggy bank," John Bambenek, a security expert who has previously tracked Neo-Nazis' use of bitcoin, told The Daily Beast, pointing to a specific bitcoin address believed to be linked to WikiLeaks. Since at least 2011, WikiLeaks has allowed supporters to send bitcoin donations. As noted by James Ball, a journalist and former WikiLeaks staffer, whoever is in control of this address -- presumably WikiLeaks -- moved around 3,000 bitcoin, worth $800 each, into a series of other accounts on one day in December 2013.

1 of 85 comments (clear)

  1. Re:Bitcoin Addresses != Unique Individuals by mysidia · · Score: 3, Informative

    WHY is it stupid? Perhaps because it's too easy to steal

    It's HARD to steal, unless they are amateurish in their key management practices.

    Use dedicated hardware-wallets with optional BIP39 Passphrase + Strong PIN + Strong physical security.

    If they're concerned about insider attacks, then they can use a special procedure to generate credentials where No one person ever gains access to sufficient credentials to authorize a transaction.

    For example: Suppose the wallet is a Trezor.
    You need two items to operate the device: BIP39 Passphrase to open the wallet, and PIN number to authorize each transaction.

    You would need two items to recover or clone the device: 24 Recovery words and BIP39 Passphrase

    Person 1 will make up and personally secure the 48-character random passphrase, and give the first 16 characters to Person 2 and Person 3, AND give the next 16 characters to Person 4 and Person 5, and finally Person 8 and Person 9 will receive the rest of the passphrase.

    Person 2, Person 3, Person 4, and Person 5 begin the initialization process for the wallet and begin selecting an 8-digit PIN number.
    Person 2 and Person 3 handle choosing and entering the first 4 digits of the PIN and their share of the passphrase, then Person 4 and Person 5 handle entering the next 4 digits of the PIN and their share of the passphrase, then Person 8 and 9.

    For wallet recovery: The 24 seed words will be divided into 3 shares.
    Person 1, Person 2, and Person 3, Person 8 will write down and personally secure the first 8 words

    Person 4, Person 5, and Person 6, Person 9 will write down and personally secure the next 8 words

    Person 7, Person 8, and Person 9, Person 10 will write down and personally secure the last 8 words