Reddit User Blames Google For Hack Of His EGEM Cryptocurrency
U/igortt, a Reddit user on February 27, 2019, in a message titled, “Why Security is Important (Or how Google sucks at it and it's just pathetic.)” stated that EGEM cryptocurrency was stolen from his MyEtherWallet (MEW) due to Google's inability to block an intruder from accessing his Google drive account in order to obtain his private key.
Redditor's Account On Stolen EGEM Tokens
Based on the Reddit user's account, EGEM tokens which were stored on MEW were stolen as a result of a hack on his Google drive account.
The breach was discovered while trying to play a cryptocurrency-based game on Discord which requires EGEM coins.
However, he was prompted by an error message stating that the funds held in his wallet were insufficient to allow him to play the game. He then decided to check his online wallet only to discover that it had been cleared of the thousands of tokens which it held.
While taken aback on how the hacker may have obtained his private keys, U/igortt stated that he had set up security measures to prevent his passwords from being illegally obtained.
One of such was through the “encryption of files” which were stored on his “encrypted laptop” as well as the refusal to store them online.
MEW Account Hacked Despite Security Measures
U/igorrt also noted that a few months before the hack, he had only been storing old documents and images on Google Drive.
However, the flash drive he had been using needed a replacement, and as such, he moved the text files containing his private keys to Google drive. He was then able to replace the flash with another and re-transfer copies of his document to it.
Down the line, he forgot to delete the backup on Google drive which had still be stored and during his investigation, he discovered that someone had accessed his account the previous day.
The intruder had only opened cryptocurrency folders which are believed to have led to their discovery to the key to the account.
U/igortt is also of the opinion that the hacker's actions were not random given that they knew which files to access and immediately cleared his holdings to another account before transferring it to Graviex exchange wallet.
Google Fails To Notify User Of A Possible Intrusion
In the same manner, a security check on Gmail accounts revealed that there was no trace or logins by a third party device. Likewise, Google did not send an alert of an unrecognized system logging into the account.
Therefore, U/igortt has decided not to store his sensitive files on Google drive again and has since moved them to an encrypted password manager app which he believes can offer a higher level of security.
The massive adoption of virtual currencies over the years has also led to an increase in cybercrime, with crypto-related crimes with the use of malware being rated as the top.
Bitcoin Exchange Guide on February 16 reported a similar event that Coinmama cryptocurrency exchange was hacked and about 450,000 emails and passwords were accessed.