Code is not the weakest point in crypto thefts
In crypto, security is usually regarded as a technical issue. You are asked to safeguard your private keys, rely on a hardware wallet and steer clear of phishing links. Yet a prominent case in the UK reveals that the real vulnerability in this case might have had nothing to do with code.
A case currently before the UK High Court revolves around the alleged theft of 2,323 Bitcoin (BTC), worth about $176 million. The reported theft did not stem from hacking or malware. Instead, it began with a seed phrase being exposed, which became the single point of failure in self-custody.
The dispute centers on Ping Fai Yuen, who claims that his estranged wife, Fun Yung Li, and her sister gained access to his Bitcoin by secretly recording his wallet’s recovery information.
The assets were held in a hardware wallet, designed to keep private keys completely offline and shielded from remote threats. Yet the theft still happened and it required no breach of encryption.
Court documents suggest the theft only required discovering the seed phrase.
