Industry News

Bitcoin founder Satoshi Nakamoto’s email apparently hijacked

Satoshi Nakamoto.

The mysterious inventor of the popular crypto-currency Bitcoin.

His creation continues to trade at the speed of light, but Nakamoto himself has been a secret and anonymous figure to date.

But what if someone were to unlock his private communications? Would that help reveal more about the sphinx-like character at the centre of the Bitcoin universe?

Well, perhaps it might. Because a hacker claims to have taken over the email account belonging to Bitcoin’s secretive inventor, and is threatening to sell Nakamoto’s private information for money.

The hacker, who goes by the name of “Jeffrey”, responded to emails sent by Wired magazine, and claimed he had taken control of the satoshin@gmx.com email address and has access to information that could reveal Nakamoto’s true identity.

The email address was one used by Nakamoto back in 2011, when the Bitcoin inventor was communicating with early Bitcoin adopters.

According to the hacker, it was quite easy to take over the email address:

“The fool used a primary gmx under his full name and had aliases set up underneath it. He’s also alive.”

Jeffrey stated in a post on pastebin that he would publish Nakamoto’s information in exchange for 25 Bitcoins, equivalent to $12,000, paid to his Bitcoin address.

Jeffrey didn’t reveal any details on how he hacked the email address but he posted on P2P Foundation with the account to say that Nakamoto didn’t configure Tor correctly:

“Dear Satoshi. Your dox, passwords and IP addresses are being sold on the darknet. Apparently you didn’t configure Tor properly and your IP leaked when you used your email account sometime in 2010. You are not safe. You need to get out of where you are as soon as possible before these people harm you. Thank you for inventing Bitcoin.”

The hacker seems to have used the same login for Satoshi Nakamoto that was used for posting the implementation message of Bitcoin back in 2009.

Head of Bitcoin Talk Michael Marquardt posted on the forum to reveal he received a message from the hijacked account. He, however, isn’t convinced about the hacking and thinks it could be a troll making false claims:

“Today I received an email from satoshin@gmx.com (Satoshi’s old email address), the contents of which make me almost certain that the email account is compromised.

The email was not spoofed in any way. It seems very likely that either Satoshi’s email account in particular or gmx.com in general was compromised, and the email account is now under the control of someone else. Perhaps satoshin@gmx.com expired and then someone else registered it.”

But Bitcoin developer Peter Todd tweeted that he had received forwarded emails from Nakamoto’s account dating from 2011, suggesting the hacking could be more than an expired email address:

Interesting, got another forwarded email from “satoshi”, from 2011 – indicates this was a hijacked account, not expired and re-registered.

The alleged hacker’s mischief doesn’t appear to have ended there. For a while, the hacker had access to the Bitcoin project page hosted on the SourceForge code repository, and changed its description:

“Buttcoin is a peer-to-peer butt. Peer-to-peer means that no central authority issues new butts or tracks butts. These tasks are managed collectively by the network. It’s like a bitcoin, but with butts instead.”

The apparent hack comes six months after Dorian S Nakamoto, a Japanese-American 64-year old man, assumed by a Newsweek reporter to be the real Bitcoin founder denied any involvement with the creation of the digital crypto-currency.

If Jeffrey truly has hacked into Satoshi Nakamoto’s email account, then he it’s perfectly possible that he currently possess a treasure trove of information about the creator of Bitcoin, and raise questions amongst its admirers.

Of course, it’s also possible that this is all an elaborate troll designed to mess with the heads of the crypto-currency’s devotees.

Only time will tell…

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

3 Comments

Click here to post a comment