This is what crypto exchanges fear the most, an inside job, a theft of Bitcoin committed inside the company by an employee who has access to the crypto wallets.
Another scenario is an employee who lets hackers in by installing a software that adds a back door on the servers.
In the case of the Bitcipher crypto exchange, it is the co-founder who used the crypto wallets of the crypto exchange to steal no less than 63.5 Bitcoins BTC!
Ayushi Jain has been arrested by police on Thursday March 19, 2020 for thefts which occurred in January and March 2020.
Thinking she could get away with it, the co-founder was easily suspected as responsible for these Bitcoin thefts.
The complaint for BTC thefts had been filed by Bitcipher Labs CEO Ashish Singhal, who noticed Bitcoin tokens to be stolen.
Ayushi Jain co-founded the Bitcipher crypto exchange in 2017.
Bitcoins were stored in hardware Bitcoin wallets like the Ledger Nano X for which you must have the 24 secret recovery words in order to have access to the Bitcoins stored on these crypto wallets.
A 24-word passphrase that was written on a sheet of paper.
Indian police immediately suspected someone close to the company who might have had access to the Bitcoins stored on the crypto wallets at the crypto exchange.
Ayushi Jain left the company at the end of 2019, just before the BTC thefts, it quickly became clear that she was therefore the Bitcoin thief at Bitcipher.
A story that ends well since the stolen Bitcoins were recovered by the police thanks to the confessions of the thief co-founder.
The police said:
“On Wednesday, we arrested Ayushi and searched her house. We grabbed a laptop computer that contained the history, showing how Ayushi used the passphrase and stole money in installments between January and March. She confessed to the crime. Thursday afternoon, we recovered the full amount.” reports The Times of India.
Crypto exchanges like Binance already have a lot to do to avoid outside theft, so they must also watch for any attempt to steal internally by their own employees or event the co-founders as in the case of Bitcipher!
Some crypto exchanges like Coinbase or Ledger have also suscribed insurance policies which cover customers in particular against thefts committed by employees of the company.
And if you have a Ledger Nano X crypto wallet, no one should be able to know the 24-word passphrase that protects the crypto wallet otherwise it gives access to the cryptocurrencies and Bitcoins that are stored on it.