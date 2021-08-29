After three years of investigation costing more than $10,000, the American named Andrew Schober was able to find out who was responsible for stealing the equivalent of $1 million worth of bitcoin from him in 2018: two teenagers from the UK.

According to information from the Krebs On Security website, Schober could not file a lawsuit against the offenders because they were minors at the time of the crime, and so he tried to resolve the problem peacefully directly with the parents of the teenagers by write them a letter.

“Dear Mr. Read and Mrs. Wells, I am writing about your son Oliver. Last January I had my computer infected with a malicious program called Electrum Atom that stole £145,800 of bitcoin from me. […] With the help of a lawyer and a private investigative firm, the theft was traced to Oliver Paul Read of Bradford, West Yorkshire. It looks like your son is using malware to steal money from people online,” the victim wrote.

He continued the letter by describing how losing money was devastating, both financially and emotionally. “He may have thought he was making a harmless joke, but it had serious consequences for my life.”

Schober proposed to the parents that if the full amount of 16.4 BTC were returned to his address, he would leave the case in the past and not go to the authorities. The request, however, was in vain. Months passed and the parents did not respond to the letter.

Letter sent by the victim to the parents of the teenagers. (Source: Krebs On Security)

In May of this year, Schober decided to file a lawsuit against the parents in a court in Colorado (USA). The defendants’ families do not deny the allegation of theft, but defend themselves by saying that, by law, Schober’s time to file a lawsuit has elapsed since the damage was caused three years and five months ago—exceeding the deadline. of three years.

The victim of the robbery tried to counterattack, saying that he had been ignored by his parents and that he only identified the involvement of the second teenager in December 2019. The process is still ongoing and still has no outcome.

how the robbery happened

The Krebs On Security publication points out that Andrew Schober was robbed by teenagers when he was moving his 16.4 bitcoins from one wallet to another. When starting the transfer, a malware hidden on your computer changed the address entered in the field to a different one, controlled by young people.

Not noticing that his destination address had been replaced, Schober sent the equivalent of R$4 million in bitcoin to the criminals. Upon discovering he was the victim of a scam, he hired a firm to do a thorough investigation into the case.

Professionals discovered that he had inadvertently downloaded malicious software after clicking a link posted on Reddit to a supposed cryptocurrency wallet application called Electrum Atom.

The virus was hidden in the benign program’s file package and was designed to change the cryptocurrency addresses copied into the computer’s temporary clipboard. The forensic investigation traced the cryptocurrencies and found that they were sent to the Bitfinex exchange.

The victim also discovered that one of the defendants, a few hours after executing the theft, sought help from other programmers on GitHub to access the private key of the address used by the malware. The other teenager involved had the complete malware code in his library on GitHub.

The two teenagers are now of legal age and both are studying computer science at UK universities.