Yesterday, famous Youtuber, Ian Balina, an advocate of ICO investing and all-round advocate of cryptocurrencies fell victim to a devastating hack whilst live streaming to his fans on YouTube.
You can see some of Balina’s work here- https://www.youtube.com/user/Diaryofamademan
During his recent live stream, a fan is alleged to have commented on the feed, stating that they had noticed all of Balina’s tokens had been moved from his wallet. Apparently, Balina failed to recognise this comment for around 15 minutes, before the live stream finally stopped, after Balina noticed some suspicious activity within his Google account.
Crypto Family, I need you now more than ever. I ended today’s live stream b/c I am being hacked. I’m not worried about the money. I learned my lesson. I only care about catching the hacker. Please email any information to firstname.lastname@example.org. Thank you all the support. $ETH $BTC
— Ian Balina (@DiaryofaMadeMan) April 16, 2018
It is now reported that Balina has lost around $2Million worth of cryptocurrency in this attack. He has since taken to Twitter to request help from the crypto-universe stating that essentially, the finances are not the main issue here, he just wants to catch the hackers.
Balina is an influential name in the crypto-sphere, his YouTube account has over 116,000 subscribers, and, he has over 140k followers on Twitter. His videos are watched by thousands of fans every single day. Therefore, this hack is not only one of great value, but of great significance in that it proves no matter who you are, you simply cannot guarantee the safety of your assets, if you’re not careful with them.
How did this happen?
Balina puts it down to a vulnerability with his Google account recovery email address. His recovery address, was set as his old college email addresses. Balina had noted some suspicious activity with his old college address and contacted the institution for help with this. Since they didn’t help, he sort of just ignored the problem, assuming it was nothing to worry about.
Sadly, Balina had his Google Account, connected to an Evernote account, which contained encrypted information about his cryptocurrency wallets and relevant passwords. According to thenextweb, this is what Balina had to say:
“This is how I think I got hacked. My college email was listed as a recovery email to my Gmail. I remember getting an email about it being compromised and tried to follow up with my college security to get it resolved but wasn’t able to get it handled in fast manner and gave up on it thinking it was just an old email. I kept text versions of my private keys stored in my Evernote, as encrypted text files with passwords. I think they hacked my email using my college email, and then hacked my Evernote.”
This, highlights just how important data security is. Never keep digital records of your passwords, realistically you shouldn’t keep physical copies either, encrypted or not. Your online data is easily accessible to those who wish to access it and have the ability to do so, storing your passwords in a format which means somebody else could possibly access them is an absolute amateur move, one which Balina clearly now regrets.
No matter how secure you think you are, always be weary of what could happen, sadly the internet is a dangerous place.
Hopefully the community can both help Balina trace who carried out this attack, but more over can recover some of the assets lost, whilst it seems unlikely, a lot of people are on his side.