Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label El Salvador. Show all posts

Cryptocurrency Chaos: El Salvador's Bitcoin Wallet Code Leaked, Privacy at Risk

 


There was a security breach with El Salvador's state Bitcoin wallet, Chivo, after hackers from the group CiberInteligenciaSV leaked a part of its source code to a hacking forum. In the earlier leak of personal data belonging to nearly all of El Salvador's adults, the code from Chivo Wallet ATMs as well as VPN credentials had been exposed. According to the wallet administration, there has been no compromise with the security of the wallet's data. 

Chivo Wallet had several challenges since it was revealed that it would be the official Bitcoin storage tool after its launch, so this event has become another blight on the Chivo Wallet. President Nayib Bukele set Bitcoin (BTC) as legal tender in El Salvador in 2021 to make digital payments more convenient. However, security breaches and technical issues have made the adoption of Bitcoin (BTC) difficult. 

The Chivo Wallet has been criticized by consumers for its slow operation, app crashes, vulnerabilities to exploitation, and lack of official backing, despite its official backing. The Chivo Wallet company has responded to allegations that it was linked to a data breach in which over 5 million Salvadorans' personal information was allegedly exposed. 

In addition to full names, unique identifiers, dates of birth, addresses, phone numbers, emails, and photographs, all of this data was leaked. The data had been rumoured to be related to the KYC processes that the Salvadoran government required its citizens to complete before they could be offered incentives, such as $30 in Bitcoin at the wallet’s launch, by the Salvadoran government. 

On April 6, the hacker group CiberInteligenciaSV compromised 5.1 million Salvadoran data. Recently, the same hackers leaked the source code for Chivo Wallet and the VPN credentials for the ATM network. The Chuvo Bitcoin wallet, backed by the government, has caused controversy among peer-to-peer money enthusiasts and crypto punks alike for its custodial status. 

In a press release published on X (formerly Twitter) on April 24, the company commented on the matter, describing it as “fake news.” Furthermore, a group of individuals from the Salvadoran community who downloaded the wallet have released over 144 GB of data containing their personal information. Even though it was available for purchase on various channels since August, it was only leaked for download on April 5. 

This data includes a user's full name, unique identifier, date of birth, address, and a high-definition picture of their face, as well as their full name, unique identifier, and date of birth. Also included in this week's leaked information was the file Codigo.rar, which contained information on El Salvador's Chivo ATM network, including the code and VPN credentials for the network.

Government officials have yet to come out with a formal statement regarding either of the hacks that took place this month. As a result of the leak of the code and VPN details of the source, the Chivo wallet system is at risk of being compromised, making hackers able to gain access to users' accounts or control them unauthorizedly. 

The particularity of the data exposed previously affects almost the entire adult population of El Salvador, which makes them fear identity theft and fraud as a result of the exposure of personal data previously exposed. In light of these breaches, security experts advise users to be vigilant and to monitor their accounts for any suspicious behaviour if they see anything strange. 

El Salvador is a country where incompetence is prevalent and there is a good chance that this will have a significant impact on the financial ecosystem as well, as trust in the government's digital solutions might wane as a result. In the beginning, the Chivo software was plagued with numerous software bugs and technical glitches as users reported numerous problems with the software. 

Despite the President's promise to give them $30 for downloading the Chivo wallet, some people were not able to withdraw money from Chivo because some had trouble getting it. The Salvadoran government announced last year that over 100 ATMs across the country will be equipped with lightning network technology in Q4 2024. 

Over 100 ATMs across the country will be equipped with this technology. In theory, this technology could allow Salvadorians to withdraw and deposit Bitcoins in an easier and faster manner with a lower fee. It was reported in October by a Salvadoran newspaper that only about 2% of the Salvadoran population was making remittance payments through the wallet, which had been its main selling point for a long time. 

It has yet to be decided whether or not the Salvadoran government will declare a policy on this issue or formally address the issue. The state of El Salvador has become the first in the world to adopt Bitcoin as a legal tender in 2021, promoting the Chivo wallet as one of the official mediums used to engage with Bitcoin by its citizens. 

The fact that these security issues exist in addition to the absence of communication from the authorities leaves the Salvadorans with an uncomfortable sense of uncertainty as to whether or not their personal information is safe and if this digital wallet offered by the state is reliable.

El Salvador to Offer Citizenship for a $1 Million Bitcoin ‘Investment’


Last week, the El Salvador government, along with the stablecoin company Tether, joined in an initiative called ‘Adopting El Salvador Freedom,’ which will enable foreigners to obtain a Salvadoran passport in exchange for a million dollars in Bitcoin.  

This initiative, which has a 1,000-participant annual cap, seeks to attract high-net-worth individuals by providing them with residency and eventual citizenship in exchange for their investment. 

The initiative will require the ‘participant’ to make a $1 million investment in BTC or USDT, and successful applicants will be eligible for a Salvadoran passport and citizenship. According to a Bitcoin news source, Adriana Mira, El Salvador's Vice Minister of Foreign Affairs, emphasized the program as a critical step for anyone hoping to contribute to El Salvador's economic future. 

However, Tether needed to make it clear where the funding will take place.  

In September, El Salvador became the first nation to accept Bitcoin as a legal tender. The country required companies to accept the popular cryptocurrency as payment and launched a digital wallet named "Chivo" to encourage its citizens to use it by offering a $30 sign-up bonus in Bitcoin.

However, this plan evoked controversies among the Salvadoran public, with them protecting against the action – and President Nayib Bukele's alarming shift towards autocracy ensued – a vast majority of them continuing the use of cash. According to Fortune, Bitcoin's price fell from an all-time high of over $69,000 in November 2021—when Bukele announced the building of a “Bitcoin City”— to less than $17,000 by the start of 2023 as a result of Bukele's disastrous use of tens of millions of federal funds on the cryptocurrency.

How Did Bitcoin Boost The El Salvador’s Tourism

Despite the controversy revolving around the initiative, the country has gained popularity among Bitcoin enthusiasts worldwide. The country’s tourism minister announced in May that travellers were coming to the nation in unprecedented quantities because of its dedication to cryptocurrency. This included a huge number of the most well-known “Bitcoin maxis” in the world, such Swan Bitcoin, a powerful business that established a home in El Zonte, a surf town that is primarily responsible for sparking the nation’s Bitcoin experiment.  

El Salvador Government is Employing Pegasus to Spy on Journalists

 

The warning came in August 2020. I was instructed to meet him at six o'clock at night in a deserted parking lot in San Salvador by a reliable source. He had my number but didn't want to leave a trail, so he reached me through a friend instead. He instructed me to leave my phone in the car when I got there, stated Nelson Rauda Zablah, a Salvadoran journalist whose work has been featured in the New York Times, the BBC, the Los Angeles Times, and the Economist among other publications. 

Moreover, he informed me as we walked that the negotiations between the president of El Salvador and the renowned MS-13 gang were the reason my colleagues at the Salvadoran news outlet El Faro were being watched. 

Although this may seem like a terrifying movie scene, several journalists from Central America have actually experienced it. Many people in my profession go about their daily lives with the sense that they are being watched, putting their phones away before meetings, utilizing encrypted messaging and email apps, communicating in code, and never sharing their real-time location. 

I wouldn't understand what my source meant in full until more than a year later. Not only were my colleagues being followed as they looked into that story. They had frequently been the targets of Pegasus, a type of weapons-grade espionage software, along with at least 18 other El Faro members, including myself. The shiny new toy of the Israeli spyware company NSO Group is called Pegasus. The Citizen Lab and other forensic analysis firms discovered that the Pegasus attacks in El Salvador began in June 2020 and persisted through November 2021. This technique was used to spy on 35 journalists and members of civil society in total. 

When you have the Pegasus virus, spies essentially have a duplicate of your phone. They have access to everything, including your private photos, texts, transactions, and app choices and usage. I had to take action when the surveillance was detected, which included closing my family group chat and uninstalling my financial apps. 

For journalists, this implies that spies can listen in on all of our phone calls and chats with sources. I was attacked while pursuing and publishing personal footage of President Nayib Bukele's siblings discussing the Bitcoin Law in El Salvador with foreign businessmen before it went into law. As my colleagues Carlos Martnez and Gabriela Cáceres continued to divulge additional information concerning the government's interactions with gangs and a related criminal investigation, they were hacked. I could continue forever. 

After the assaults, journalism has become much more challenging. Several sources jokingly returned our calls after the hacking was made public by wishing any decent people listening to a good day. However, a lot more people only picked up the phone to tell us to stop calling, and the majority of them didn't even answer. One person told me that he now knew why his wife had been let go from her government job, according to a source. I was miserable. Guilty. Powerless. 

Above all else, Pegasus makes you feel helpless. We think the infections in El Faro occurred as a result of a "zero-click exploit," which means we didn't even click on a fake link to let the spies in. Just now, they got in. Get a new phone, and change your number; they'll just break in there, too. 

However, we didn't want to be helpless. We shared our tale with press organizations worldwide. We appeared on TV, attended press conferences, and filed a complaint with the attorney general's office in El Salvador. Therefore, 14 of my coworkers at El Faro and I have chosen to sue NSO Group while being represented by the Knight First Amendment Institute at Columbia University. 

We're not in it for the money, I can tell you of that; otherwise, we wouldn't be independent journalists. This is a development of our ongoing efforts in El Salvador to expose corrupt government officials. We are taking this action in the United States because El Salvador's coopted institutions have run out of legal options. 

Additionally, this is not just for us. The gadgets of over 450 law-abiding men and women from all around the world whose devices had been compromised by NSO Group's Pegasus were listed by the Israeli newspaper Haaretz in April. Many of them don't reside in nations or occupations where they can file lawsuits. 

However, someone must. Executives of the NSO shouldn't be able to wash their hands after using their apparatus to harm journalists. In a practical sense, NSO let loose the hounds to hunt us down. And now we're retaliating.