The CiberInteligenciaSV forum leaker announced another breakthrough in the ongoing drama surrounding El Salvador’s crypto breach.
After leaking the confidential data of Chivo users (El Salvador’s official crypto wallet) earlier this month, the malicious actors now started releasing the wallet’s code.
But how did it all start, and how did El Salvador find itself in this pickle?
In early April of this year, El Salvador’s state-owned Bitcoin wallet Chivo got breached by CiberInteligenciaSV, an anonymous forum user. The breach exposed over 5 million users, which is the most significant crypto-related leak to date.
Especially when considering that the entire state of El Salvador has a population of little over 6,3 million.
According to the preliminary investigation, the hackers managed to gain access to over 144 GB of confidential data, containing the full name, IDs, date of birth, addresses, and even HD pics of each user. But how? Subsequent investigation seemingly showed that the leaked data came from Alejandro Muyshondt cloud backup.
Muyshondt ranks as a former national security advisor with a shady background as well. It was revealed that Muyshondt helped Mauricio Funes, the former Salvadoran president, to escape the justice system and flee the country in August of last year.
However, 3rd party investigators, including David Gerard, a known blogger and blockchain specialist, hinted at the Chivo wallet as being the source of the leak. The theory was supported by the fact that the leaked data was identical to the registration info required by Chivo.
This theory was confirmed shortly by subsequent investigation, which casts a bad light on El Salvador’s cybersecurity prowess. Especially given that the state-owned Chivo wallet has only been in use since 2021.
The source of the leak appears to be CiberInteligenciaCV, a VIP user active on BreachForums since the current month. Which is when the first Chivo breach occurred. The identity of the person(s) behind the attack or the leak is still unknown.
What’s interesting is that the hacker(s) doesn’t appear interested in exploiting the leaks for their financial gains.
This is rather unusual in the cybercriminal sphere, as most gangs typically aim for profit. The anonymous source also announced that they’ve started to leak part of Chivo’s source code and that they will continue unless a governmental representative “wants to talk.”
This hints at the idea that the hacker may indeed have some demands that they’re only interested in discussing with the proper individuals.
It’s unclear how the situation will unfold in the following days, but the silence of the Salvadorian government only adds fuel to the fire. No governmental representative has commented on the situation unfolding, which is unusual.
Especially given the magnitude of the event and the number of victims reported after the breach. But El Salvador isn’t a stranger to controversy. The country was the first to adopt Bitcoin as a legal tender in 2021, which was met with a lot of opposition.
The main problem was Bitcoin, along with the blockchain technology itself. Bitcoin is supposed to offer anonymity and allow users to circulate their finances freely and uninhibited throughout the network. As some have pointed out, this is great news for tax evasion.
The country’s history and profile don’t help with that either. El Salvador is known for its money laundering problems, along with corruption, human trafficking, drug-related gang war. The situation is a lot tamer today, but it’s not tamed by any means.
It’s not difficult to see why some believe adopting an unregulated financial system that offers complete anonymity is a bad idea. In this context, the fact that the government is silent about the situation is by no means comforting.
We believe security online security matters and its our mission to make it a safer place.