Chivo, the state-run Bitcoin wallet in El Salvador, is at the epicentre of a cyber-security maelstrom after criminals stole private data. On April 23, 2024, CiberInteligenciaSV, the organisation that caused the breach, posted a portion of the Chivo Wallet source code on the black-hat hacker forum BreachForums.
El grupo #hacker #CiberInteligenciaElSalvador, anuncia en su cuenta de Telegram que publicará parte del código fuente y accesos VPN de #Chivo #Wallet (@chivowallet), la billetera oficial de #Bitcoin y #Dólar creada por el #Gobierno de #ElSalvador (@Gobierno_SV)… pic.twitter.com/AUG8PM1VN8
— VenariX en Español (@_venarixES_) April 22, 2024
This most recent hack comes after another one in April that revealed the private data of 5.1 million Salvadorans, or almost all of the country’s population. The disclosure of Chivo’s source code and VPN credentials exposes serious weaknesses in the core supporting the government-run Bitcoin network.
In September 2021, El Salvador became the first nation to accept Bitcoin as legal cash. Since its launch, the wallet has seen a number of problems, including bugs, technological hiccups, and, more recently, data breaches. Despite the seriousness of the situation, the state has not issued any official statement addressing the leaks or outlining plans to enhance the security of the Chivo Wallet. This silence has generated further thoughts about the privacy and transparency of El Salvador’s digital operations.
The leaked source code also draws attention to the risks of adopting a decentralised and volatile asset like Bitcoin as a legal tender. While President Bukele has championed Bitcoin, this breach raises questions about the government’s capability to ensure the security of its Bitcoin-based initiatives.
3 minutos para hacer historia.In 3 minutes, we make history.#BitcoinDay #BTC
— Nayib Bukele (@nayibbukele) September 7, 2021
Meanwhile, CiberInteligenciaSV continues to taunt government officials via their Telegram channel, suggesting they may release additional information unless contacted by “nosy government people.” The hacker group appears intent on exposing security flaws within El Salvador’s Bitcoin infrastructure without seeking monetary gain, opting instead to publish the information for free.
The hack has drawn criticism from industry experts and local cybersecurity projects like VenariX, which warned the public about the impending leak. The continued silence from El Salvador’s government only adds to the uncertainty surrounding the nation’s Bitcoin experiment. As the Chivo saga unfolds, questions persist about the security, reliability, and long-term viability of El Salvador’s Bitcoin venture. The government’s response, or lack thereof, will play a crucial role in shaping the public’s perception of Bitcoin’s role in the country’s economy.
The leak of sensitive information poses several risks. It could lead to unauthorised access to the wallet’s systems, allowing malicious actors to exploit vulnerabilities for financial gain or disrupt operations. Additionally, the exposure of personal data, as seen in the leak of 5.1 million people’s personal data, raises the risk of identity theft and fraud. This could result in a loss of trust in the government’s handling of Bitcoin-related initiatives, potentially affecting the broader adoption of digital currency in El Salvador. Legal and regulatory repercussions could also arise, putting pressure on the government to improve cybersecurity measures and address public concerns. Overall, this leak highlights the security challenges of managing a state-operated Bitcoin infrastructure.
The post Government Silence on Chivo Wallet Breach Sparks Criticism and Doubts Over El Salvador’s Bitcoin Experiment appeared first on Metaverse Post.
