Cybersecurity concerns surged in El Salvador in April when the same hacker group conducted two significant hacking activities. First, a massive data privacy breach from an unconfirmed source and, second, sensitive information of the government’s Bitcoin (BTC) wallet, Chivo.
The hacker group CiberInteligenciaSV was behind a massive personal data breach on April 6 that affected 5.1 million Salvadorans. More recently, the same hackers leaked Chivo Wallet’s source code and ATM network VPN credentials.
Chivo is a government-backed custodial Bitcoin wallet that has been the center of controversy among peer-to-peer money enthusiasts and the cypherpunk community. The company has commented on the matter, calling it “fake news” in a press release on April 24 on X (formerly Twitter).
“Our users’ data is protected, and CHIVO security has not been breached. The information recently leaked is from a single CHIVO ATM located in the department of San Miguel that was stolen on March 21, 2023. One individual accessed information related exclusively to that ATM’s operations. This leak contains no personal data, and it does not put any of the confidential information from our wallet at risk.”
Hacking activity in El Salvador and Bitcoin wallet’s leak
E pei ona lipotia mai e Atlas21, o le CiberInteligenciaSV group published the file ‘Codigo.rar’ on April 23 along with the following message:
“Here is a compilation of code and VPN credentials of the Chivo Wallet ATM network, if anyone wants all the files, they can send me a private message, enjoy.”
Atlas21 mentioned an increased suspicion that the previous privacy breach originated from Chivo Wallet and a notable silence from Bitcoin advocates and experts in the country.
“It is noteworthy the silence of the authorities, especially those linked to the Bitcoin world, who for years have remained silent about the limitations and risks of Chivo. No official statement has been issued, neither regarding the dissemination of personal data of almost the entire adult population of El Salvador, nor regarding the alleged connections with Chivo wallet.”
Furthermore, the case has sparked debate in the cypherpunk community after a Bitcoin podcaster and influencer, Rikki, fetufaaʻi o le tala.
El Salvador made history on September 7, 2021, by introducing the Bitcoin Law, which made Bitcoin legal tender. As a result, the country attracted investors, enthusiasts, and reporters who later discovered that Salvadorans were struggling to adopt BTC.
Now, recent developments could hurt users’ confidence if Chivo Wallet is proven to be the source of the 5.1 million-person data breach—the company has not commented on that.
Source: https://finbold.com/hackers-leak-el-salvadors-bitcoin-wallet-source-code-after-massive-privacy-breach/