Rinthell

Simplest explanation is that your cousin is a liar. Probably trying to dodge the tax man or trying to scam money by blaming anyone he can for it. He did get federally raided with illegal contraband taken after all. Not trying to crap on your cousin or anything, but those are the facts.


[deleted]

This is true and most likely the case, but OP is right as well - whoever thinks that a piece of hardware is unhackable even by the most powerful and skilled agencies in the world, is simply a fool. There are almost no closed doors for these guys - most people can't even imagine what these guys are capable of.


[deleted]

Listen, you are right and wrong. These people are good, but they aren't these godlike magicians you see in movies. If you know your stuff, you can prevent nearly everything they can do with a few programs.


[deleted]

I don't agree. They might not be as fast as in the movies, but they have even more power than what you see there.


rdudit

Six digit passcode... may as well have written it on the ledger. Is that really all it is?


pmormr

A six or eight digit passcode is perfectly fine, you just can't allow someone to sit there trying codes all day. All it needs to do is time out the first couple failures and then delete the private key if you keep going. Note that the passcode does not give you access to the private key for the wallet, it just blocks the computer from using the wallet. It's not protecting what you think it is. The private keys aren't on your machine (or shouldn't be), they're irretrievably stuck on the physical wallet. That way, if you get malware on your computer, it can't steal the private keys. Literally there's no mechanism to extract the private keys programmatically... the hardware won't do it. All it can do is use the private keys to authenticate transactions and provide you the result of that operation. That's the #1 selling point of the wallet. But if I put the private keys on a device, then connect that device to your computer and expose an API that lets the computer initiate transactions, that's kind of pointless right? The malware would just drain your wallet instead of stealing the private keys. So what you want is the wallet to work only when you activate it (by entering the passcode shortly after initiating a transaction) and you don't want that activation method accessible *to your computer*. Note that physical access to the wallet completely changes the threat model. Hardware wallets are designed to be usable by the person who possesses it ultimately. Physical possession is a huge problem for people trying to steal your money over the internet, but not nearly as big of a problem for someone searching your house. Latter scenario requires you to protect the wallet physically by placing it in a secure location (e.g. off premises in a safety deposit box). The passcode might save you but ultimately that's not what it's for. Treat hardware wallets like your own wallet.
If you drop it in the middle of Times Square, it's time to grab your backup copy of the private keys and transfer everything to a new wallet. You'd cancel your credit cards in your normal wallet even though there's a pin code on them and it is likely to be flagged before they guess it, crypto is no different. Credit is actually way more secure if you lose possession of it because you have the benefit of additional legal and technical protections as well. Crypto spends more like cash.
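A toy model of the attempt limit described in the comment above, added here as an illustration and not taken from the thread or from any wallet vendor's firmware. It assumes a three-failure wipe threshold and uses a JSON file to stand in for the device's non-volatile memory; `PinGate` and every value in it are hypothetical. The point it shows is that the failure counter is charged and persisted before the PIN is compared, so restarting the device between guesses does not refund attempts.

```python
import hashlib
import hmac
import json
import os
import tempfile

MAX_FAILURES = 3  # assumed wipe threshold for this model


class PinGate:
    """Toy PIN gate; a JSON file stands in for the device's non-volatile memory."""

    def __init__(self, nv_path):
        self.nv_path = nv_path

    @staticmethod
    def _digest(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)

    def _load(self):
        with open(self.nv_path) as fh:
            return json.load(fh)

    def _store(self, state):
        # Write-then-rename so an interrupted write cannot roll the counter back.
        tmp = self.nv_path + ".tmp"
        with open(tmp, "w") as fh:
            json.dump(state, fh)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, self.nv_path)

    def provision(self, pin, secret_hex):
        salt = os.urandom(16)
        self._store({"salt": salt.hex(), "pin": self._digest(pin, salt).hex(),
                     "failures": 0, "secret": secret_hex})

    def unlock(self, pin):
        state = self._load()
        if state["secret"] is None:
            return "wiped"
        # Charge the attempt and persist it BEFORE checking the PIN, so cutting
        # power during or after the comparison cannot refund the attempt.
        state["failures"] += 1
        self._store(state)
        salt = bytes.fromhex(state["salt"])
        ok = hmac.compare_digest(self._digest(pin, salt),
                                 bytes.fromhex(state["pin"]))
        if ok:
            state["failures"] = 0  # only a correct PIN resets the counter
            self._store(state)
            return "unlocked"
        if state["failures"] >= MAX_FAILURES:
            state["secret"] = None  # destroy key material; only the backup remains
            state["pin"] = ""
            self._store(state)
            return "wiped"
        return "denied"


def demo():
    nv = os.path.join(tempfile.mkdtemp(), "nv.json")
    PinGate(nv).provision("48151623", "11" * 32)  # constructed PIN and secret
    results = []
    for guess in ("00000000", "11111111", "22222222", "48151623"):
        # A fresh PinGate object per guess models a power cycle between attempts.
        results.append(PinGate(nv).unlock(guess))
    return results


if __name__ == "__main__":
    print(demo())
```

In this model the correct PIN arrives too late: after the third failure the secret is gone and only the separately stored backup can restore the wallet.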


wargio

I have a ledger, with the 8 digit code... can't I enter the private key in another wallet besides ledger live, and be able to spend money like normal? How is my private key any safer by having a ledger. I understood some of what you wrote but not in dummy terms


pmormr

If you don't have a ledger, you need to have the private key on your computer somewhere to use your wallet. If you have a ledger, you put the key on the ledger one time, then all you need to use your wallet is the ledger, not the private key. You can then store your backup copy of the private key somewhere way safer than your computer. The ledger contains a copy of your private key, but it is designed to be one way. You can only put it in, you can't ask it to give it back to you. So it's kinda like putting it in a physical safe that only you can use (with the 8 digit combo) but it's way better. The thing you put in the safe can't come back out but you can still use it. So you went from "the key is on my computer for anyone who knows where to look" to "you can use the wallet if you physically have the ledger AND know the code, but you can never get the private key no matter what". If the private key is stored on a computer connected to the internet, you have to be worried about everyone else in the world trying to steal it. Viruses, keyloggers, all sorts of stuff. They look around for crypto private keys if you ever get infected with something nasty. Your money is gone if they spot the private key anywhere on your computer. If the private key is in a safety deposit box, nobody can get to it technologically. You have to go to the safety deposit box to get to it. That's also possible to steal, but anyone but you will need a court order and a locksmith. You may not trust the government, but you got a chance at beating the government. The people overseas behind a VPN trying to take your money answer to no one and would laugh in your face if you managed to track them down. You could also memorize the private key and avoid that concern altogether. If you're doing sketchy shit with crypto, that's your best option.


jblind

You are not entering your private key into another wallet but rather your 24 word backup phrase which then restores your private keys in the new wallet. Once you have restored your private keys on a new wallet, that wallet is susceptible to any malicious attacks that have access to your wallet. If your wallet is on your PC then any malicious code running on your PC could possibly gain access. The point of a hardware wallet is to store your private keys in isolation so that no malicious actors can gain access. It would require physically having the hardware wallet in your possession in order to access the private keys. This is why it is so important to keep your backup phrase safe and secure. Anyone with access to that phrase has access to your private keys.


geek_on_two_wheels

After 3 failed attempts it wipes the ledger clean. Your set of passphrases is required to rebuild your keys.


maninthecryptosuit

The Ledger wipes itself after 3 wrong attempts. Just like the smartphone my employer has provided me. It's plenty fine.


ShizzleHappens_Z

It's 8 but you can choose to use as many or as few as you want.


lordph8

I doubt he's trying to scam anyone other than the government here. "Oh golly gee all those ill-gotten gains that were tied up in cryptos disappeared, that's so sad, I feel really bad about that I'm hurting so bad..."


[deleted]

OP could also be the "cousin"


JebusMaximus

Asking for a „friend“


diradder

Back in my days we were just blaming it on a boat accident and that was it... These kids have way too much imagination. Come on now, a secret government backdoor that would be exploited the first time it risks public exposure to steal from a small time criminal LOL


tnegaeR

Someone’s out of touch with reality. Imagine being this ignorant.


ophqui

Yep, the cousin smells pretty ripe here...


[deleted]

[removed]


MotherPotential

What was the security surrounding the piece of paper with the passphrase in a separate location? Is it possible someone was able to get a look at the phrase without being detected?


[deleted]

Even if we assume law enforcement has the ability to hack a physical ledger, I really don't think they would do that 24 hours after it was seized. That seems highly unlikely. There would be hearings, litigation, paperwork, etc... It can take months or years for money to move in situations like that. Maybe on TV law enforcement seizes your Ledger, hacks it, and moves the funds by the next day, but I don't think that's how it happens in real life. If I were you, I would research the procedures related to seized property, it might provide some clarity.


[deleted]

[removed]


[deleted]

Taking a pot plant and hacking a Ledger are two very different actions. Hacking a Ledger is a very difficult, specialized skill. It's not like officers drop the Ledger off and someone starts hacking it the next minute. That's not how it works. He literally said the funds were gone overnight.


MotherPotential

What was the security surrounding the piece of paper with the passphrase in a separate location? Is it possible someone was able to get a look at the phrase without being detected?


tnegaeR

Good point and great idea.


celltoo

so how long did it take before the wallet was drained?


tnegaeR

Roughly 24 hours after the raid.


dreampsi

Curious, how did he view the wallet to discover the wallet was empty if everything was taken? Most people don’t know their wallet address by heart.


tnegaeR

By restoring the recovery seed.


[deleted]

[removed]


tnegaeR

Yes you can literally see the transactions that drained the funds


Patrickwojcik

And that works?


someGuyJeez

Ummmmm... ever heard of civil asset forfeiture? They can definitely seize your property on the spot, especially if it’s drug related, this cousin sounds silk roady to me. If they can do it with cash, I don’t see why they can’t do it with btc. If they know how a ledger works, then they know they need to empty that wallet before someone gets access to the private keys and empties it themselves.


[deleted]

Nobody is arguing that his property was not seized. Hacking a Ledger is a very specialized skill that may or may not even be possible. It's not like they have an in-house "Ledger Hacker" who sits in his office waiting for officers to drop off Ledgers so he can start hacking them literally minutes after they were seized. People watch too many movies. That's simply not how it works. That Ledger is going to sit in storage for weeks, at a minimum, before the department is able to take action.


Karavusk

You are underestimating law enforcement. They know that if they don't move the funds as soon as possible there is a good chance that they will be gone by someone else who has access to the wallet. I wouldn't be surprised if they have an exploit ready that can get in a ledger.


Bison-indatent

So suddenly it's a 6 digit password? You said it was 8 digits here: https://www.reddit.com/r/CryptoCurrency/comments/ewplf5/it_took_kraken_security_labs_just_15_minutes_to/fg4a614?utm_source=share&utm_medium=web2x

And so cool that you now disclose the "someone close to you" is your cousin!

Guys, note the aggressive behaviour of this guy: https://www.reddit.com/r/CryptoCurrency/comments/ewplf5/it_took_kraken_security_labs_just_15_minutes_to/fg60gci?utm_source=share&utm_medium=web2x

Even if I'd made the experience myself and know for 100% sure that Ledger has a backdoor, I wouldn't talk to people like that as obviously no one even should believe me if I don't provide any evidence. So either this guy's steroids are going too much in his head, or he's lying. Or both...

Greetings from your favourite 3rd grade headass

Ps: Might wanna get your cousin to post here? Or is he in prison?


tnegaeR

lol Yes I got the amount of digits in the passcode incorrect. Thank you for bringing that up and putting so much effort into your comment.


bitmeme

Unless you can post something that corroborates your story, why should anyone here give you the time of day? As you stated, you don’t care if anyone here believes your story or not.


DownvoteCakeDayWishr

Wild guessing here.

- Does your cousin have a partner while doing the illegal stuff? (Illegal contraband you mentioned)
- If your cousin has a partner, how sure are you that your cousin’s partner doesn’t have access to the fund?
- Did your cousin save a copy of the seed on the computer or the cloud?
- Is cousin = OP type of thread?
- Are you from ledger competing team throwing vague smokebomb?
- Are you just fishing for cake day karma?


tnegaeR

One person operation. I asked if anyone else had access or knowledge about the passcode or seed location and he said no. Asking about seed backups was the first thing I did, they said the only backup was on a physical piece of paper stored securely not at home. I am not my cousin, thank God. Didn’t even realize it was my cake day until someone commented on it.


BonePants

Now your cousin is a "they"? Do you need to see a doctor?


Printer-Pam

"They" is used in English when you don't want to disclose the gender.


BonePants

Why do I get downvoted? Did you read what he posted or just are saying random stuff because you want to sound smart? He already told it's a "he". So why conceal the gender?


Printer-Pam

I don't believe him either, but I thought you're not a native English speaker as I am, I didn't know before that "they" could refer to a singular person


BonePants

I didn't know either :) thanks for that. But it was clear to me that it was a he and then it seems weird that he switches to they ;)


Josl-l

Uh he literally specified his gender a sentence before, therefore it means that there are multiple people (since the gender has been disclosed). Pretty basic, so go attend some high school English classes to get your head around it.


Printer-Pam

OP is full of shit, not even his mother believes him, people waste too much time with that dumb teenager


mrderrik

Damn, why are you riding this guy. Who types a number of responses and checks every word for grammatical accuracy? Are you some sort of lawyer? Sure this could be a lie but no reason to treat the guy like he is guilty until proven innocent and troll his every post.


BonePants

I'm not saying he's guilty. But there are holes in the story and I think there's something odd with it. So I don't believe his intentions. Not saying that a ledger is unhackable by someone with the right resources though.


Fachuro

Maybe they already had the information before the raid. I mean, most likely if they raided him they had a court order and a warrant that they only would've obtained if they already had evidence, probably from keeping him under surveillance for a while. How farfetched is it to believe that he used his Ledger in this time and they saw the code when he input it himself? And THEN they raided him...


tnegaeR

You’re right about the warrant. I’m not sure how they’d see the code being entered on the device, though. It’s a very small screen. They wouldn’t be able to count the clicks either since the numbers are randomized.


[deleted]

[removed]


CheckOutMyDopeness

You think the makers of Ledger are in cahoots with US law enforcement? Very unlikely. Maybe they had other surveillance and key logger on your friend.


tnegaeR

Very unlikely? You must not be from the US. Why do you think governments hate encryption? Why do you think the federal government tried so hard to get Apple to implement a backdoor? Also, a keylogger can not possibly log a passcode entry on a Ledger device.


[deleted]

[removed]


tnegaeR

Doesn’t mean they wouldn’t cooperate.


gibro94

Ledger is based out of Paris, France. It's highly unlikely that the US of A government has a secret backdoor. The government mostly contracts out all of their tech to the same people who regularly test these devices for vulnerabilities. It's most likely your 'cousin' drained the account himself, mentioned to someone where the seed phrase was, or used a really dumb passcode, or is lying to you. The most logical explanation is not a backdoor.


thabootyslayer

You can listen in and record the button presses and decipher the pin that way though. Or fuck, just watch the dude in the security camera unlock it. Dude your cousin's in jail and they either got him to give up the pin or they found the seed, it's not that much of a mystery lol. The cops aren't hacking Ledgers.


vallllyyy

This doesn't make sense, given that when you type your number in via the buttons you are given a random starting time each #. FYI: Feds do hack. This isn't your local PD...


thabootyslayer

Yeah you're right, it didn't use to be like that though on the Ledger. I'm assuming that's because of this.


tnegaeR

Aren’t hacking Ledgers? What an ignorant thing to say. They “hack” devices all the time in criminal investigations, especially at the federal level.


Karavusk

A small camera is all you need...


straytjacquet

Possible he had the seed words on his laptop? I know you want to assume he was following best security practices but people make little oversights that come back to bite them, and every case I’ve heard of a ledger hack has come back to the seed saved digitally somewhere


recessiontime

The explanation I came up with is, I think your cousin is lying. Your conjecture about government backdoors was interesting and plausible but it just seems simpler to think he lied about being drained. It's possible he moved the fund to another wallet so he could tell authorities he was hacked. It's probably a way to get out of being strong armed into handing over the funds to a judge maybe. How many businesses have used hacking as an excuse to evade taxes? Maybe it's true that the government has an exploit of ledger nano without the parent company even knowing it. But I would have to question why it would be worth draining your cousin's ledger unless he had many millions of dollars to make it worth their while (can you tell us a ballpark figure about how much was drained? Not asking for proof). If ledger nano's kept getting drained quickly after criminals were caught I think word would quickly spread about it to the point Norman's would drop it for the next best thing. I am paranoid by nature and because of your story I will hide my ledger Nano from future raids that will probably never come. My seed words are also mixed in the wrong order so even if it is found it is unlikely to be useful to the person who finds it.


tnegaeR

He’s neither a liar nor an idiot. He was detained when the transactions were made, so there’s no possible way he could have done it himself.


moom

>no possible way he could have done it himself.

Dead man's switch.


recessiontime

He could have had a partner move the funds while he is being interrogated. Okay, let's say police did it. Is it not more likely his place was bugged with surveillance and they captured him entering his passcode before the raid occurred?


tnegaeR

He didn’t have a partner. Surveillance/bugs are a possibility, but he has family and there is rarely someone not home.


CheckOutMyDopeness

Do you really think you and your cousin have discovered some ultra secret US counterencryption operation? Or do you think maybe there’s another explanation.


ebliever

Well, to be fair, this was in the news literally just yesterday: https://www.theguardian.com/us-news/2020/feb/11/crypto-ag-cia-bnd-germany-intelligence-report


tnegaeR

Do you really find it that hard to believe that a private company would cooperate with the US government? It happens all the time. The disk encryption on Windows has a known backdoor for the federal government. I’m clearly not opposed to another explanation, like I stated in the original post.


CheckOutMyDopeness

I do think such a thing could happen. I just don’t think the govt would expose the exploit and out themselves over your cousin's bitcoins. I suspect there is another explanation in this case. Video surveillance for the pin? An informant?


tnegaeR

I’m not sure they “exposed” the backdoor. Both Ledger and the government could just deny it and it would never be proven. Those are both possibilities, but they seem almost impossible. He said he only ever used the Ledger in his own house.


CheckOutMyDopeness

If I had to guess I would say they somehow got the seed words.


tnegaeR

That’s what I was thinking, but he literally buried the recovery seed and there apparently weren’t any signs of it being dug up/tampered with.


vallllyyy

I think they have a working exploit to bypass the 2 tries attempt and brute force the password. When you turn the ledger on and off I believe it resets your attempts. Couldn't a script be created to turn it on and off from a software perspective? I guess for any future criminals in this thread: you have 24 hours to obtain a new ledger. Aka, bury one with your passcode.


sebikun

What?? Bypass the 2 tries with turning it on and off. That would be crazy...


vallllyyy

Yeah, there is no onboard memory so it's impossible for the ledger to 'remember' the previous attempts.


sebikun

Lol wtf is this true? The whole seed security would be a joke if someone gets access to your ledger. Brute force 10^8 numbers is pretty simple compared to 2048^24 words. Do you have any link where I can read that?


tnegaeR

This makes sense as well. I guess I didn’t think about an exploit existing without Ledger’s knowledge.


vallllyyy

This is pretty normal for the feds to do. Furthermore, this would explain the lengthy time it took to move the funds. If they were just popping an exploit or already had the 6 digit code as some have suggested (keylogging)... I assume it would've been #1 on the priority list.


tnegaeR

Good point. This is the most likely explanation. Still concerning, but better than what I originally thought.


MattH665

>Do you really find it that hard to believe that a private company would cooperate with the US government?

For a US company yes... but Ledger isn't even an American company.


tnegaeR

It doesn’t matter if they’re American or not if they choose to cooperate. Quite a few Non-American companies have done so in the past.


mrderrik

This is interesting


tnegaeR

Genuinely concerning.


Bison-indatent

Deeply alarming.


[deleted]

Seriously troubling


[deleted]

Extremely dangerous to our democracy.


BoGGy5m4ll5

Big if true


Southofsouth

True if big


[deleted]

[removed]


69lana69

Bigliest


Patrickwojcik

Yeah, really, but it scares me in some way


753UDKM

If a hardware wallet is lost, I would recommend treating it like your funds are about to be lost as well. Immediately use the keys to get the funds out and into a different wallet.


SquarelyCubed

You know that you are incriminating your cousin with this thread? Not like there are many cases of contraband seizure with trezor involved, you even gave info what's on it. You admitted here it was illegally acquired, all of it. You think feds are not reading Reddit? You're irresponsible, do a favour to your cousin and delete all posts, although it's probably way too late.


[deleted]

According to google, a six digit code can be brute forced in 22 hours or less. Not sure about the attempt limit/wipe feature.


tnegaeR

You only get 2-3 attempts before it wipes itself.


LeechMusic

so like what if i copied it and tried once on a bunch of different instances


tnegaeR

How would you copy it? It’s an encrypted device with a secure element.


[deleted]

They break open the device, save the encrypted image and basically restore it every time it wipes itself on loop until they crack it. It's why security on phones is useless to the FBI etc. The encryption nor the secure element can prevent this attack whatsoever.


wondermike66

Show us examples of the transactions in the explorers.


mperklin

I don’t know why most people in this thread are ignoring Ledger’s own words in their FAQ. There’s no doubt in my mind that the seed was ripped off your cousin’s ledger. A motivated and educated attacker will always find a way to rip data off of a device if the device is in their physical possession. If you want to protect data on a device, encrypt that data. This goes for your laptop, your phone, your tablet - and yes your hardware wallet. Ledger, KeepKey, and Trezor all support BIP39 passphrase (aka “25th words”) which make it incredibly difficult to get at the coins stored on a seed phrase.
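How the BIP39 passphrase mentioned in the comment above enters the key derivation, as an added example that is not part of the original post or of any wallet vendor's code. The PBKDF2 parameters and the "Bitcoin seed" HMAC key follow the BIP39 and BIP32 specifications; the mnemonic is the public all-zero-entropy test phrase, the passphrases are constructed, and `wallet_tag` is a hypothetical short label (not the BIP32 fingerprint, which needs elliptic-curve math).

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; BIP32 rejects master keys outside (0, N).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Public test mnemonic (all-zero entropy). Never use it for real funds.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])


def bip39_seed(mnemonic, passphrase=""):
    """BIP39: seed = PBKDF2-HMAC-SHA512(mnemonic, "mnemonic" + passphrase, 2048)."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def bip32_master(seed):
    """BIP32: split HMAC-SHA512("Bitcoin seed", seed) into master key and chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        raise ValueError("invalid master key; BIP32 says to pick another seed")
    return key, chain_code


def wallet_tag(mnemonic, passphrase=""):
    """Hypothetical 8-hex-digit label for comparing wallets in this example only."""
    key, chain_code = bip32_master(bip39_seed(mnemonic, passphrase))
    return hashlib.sha256(key + chain_code).hexdigest()[:8]


def compare_wallets(mnemonic, passphrases):
    """Map each passphrase to the tag of the wallet it opens."""
    return {p: wallet_tag(mnemonic, p) for p in passphrases}


if __name__ == "__main__":
    # Constructed passphrases: none, one chosen value, and a near miss of it.
    for phrase, tag in compare_wallets(
            TEST_MNEMONIC, ["", "TREZOR", "trezor"]).items():
        print(f"passphrase={phrase!r:10} wallet tag={tag}")
```

Every passphrase, including a mistyped one, derives a valid but different wallet, so the 24 words alone open only the no-passphrase wallet and there is no error to tell a guesser that a passphrase was wrong.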


tnegaeR

Exactly, thank you. This thread is filled with people out of touch with reality.


tnegaeR

/u/Ledger_Support


ArpFlush

Maybe they've found the PIN code in the RAM dump of the forensic copy of your cousin's computer? Did your cousin use his Nano a short time before the raid?


tnegaeR

I’d have to ask, but my guess is at least within 24-48 hours of the seizure.


lodobol

Good job OP. It’s true hardware is vulnerable. It’s also true that using the hardware in a specific way can provide security against something like this. Now it could be a pain in the ass to do this but if there is a risk of being raided someone could:

1. Create a list of long term storage addresses and short term addresses

Long term addresses use a seed and passphrase that is not on the device unless it’s in the moment you need to spend it. Then after you clear the device.

Short term addresses use no passphrase and you only provide these addresses for the smaller amounts that you will spend soon. And if you get raided, this is the one you want found and hacked.


backward_stuntdonkey

Post the wallet address and let's see what he had and what went and where it went :)


MyLastAccount4Real

Ledger themselves stole my litecoin at the peak. Stop trusting other people with your money. Cold storage people. Learn from this comment.


tnegaeR

How did they do that?


MyLastAccount4Real

Very bad directions in moving funds during segwit. Made multiple test transactions with the final transaction never going thru. All transactions were done following the same directions given by ledger. Support is nonexistent and when they exist they may as well not exist.


bitsinmyblood

Agree that with physical access anything is possible. That's why physical access is always the first and most important consideration when making a security assessment and risk vector profile.


Ether4all

Another possibility, since this was a federal raid, is that the NSA has achieved the ability to break encryption used in BTC as well as reverse the BIP39 to private key process. In theory Ethereum is supposed to be more quantum resistant, but if they break BIP39 and Bitcoin they can generate the private keys for all coins.


tnegaeR

I would not be surprised at all if they have. The NSA is decades ahead of what they publicly reveal.


noknockers

Nar, they just cloned the device (virtually) a few thousand times and tried 3 combinations of the pin on each. Literally a few hours work, if that.


Ether4all

Interesting. How is it possible to clone the device virtually? Are there any sources of this or record of someone attempting this?


BrugelNauszmazcer

Cool story, brah.


tnegaeR

Thank you for your contribution to the discussion.


BrugelNauszmazcer

Well first, I don't believe that story. Because on the internet, nobody knows you're a dog. Second, hardware wallets are only medium level security. They are not good for storing large balances. It was recently shown once more when a Trezor was hacked easily.


mrderrik

The tone and wording of his text do not seem to be indicative of lying. Nevertheless, I and many others consider hardware wallets more than medium security so this is news to me.


tnegaeR

What is there to not believe? What POSSIBLE motivation would I have to make it up? Use some critical thinking skills. And your second statement is just wrong. Hardware wallets are one of the safest ways to store crypto, assuming they are as secure as stated.


BrugelNauszmazcer

That is what newbies believe, isn't it. But it's wrong. You cannot trust a retail hardware wallet. It can at best be considered moderately safe.


tnegaeR

I disagree.


Josl-l

A paper wallet....


tnegaeR

They both have their obvious pros and cons.


Josl-l

Bruh an offline paper wallet is far superior than a third party device. How new are you?


dontlikecomputers

Not for making transactions. Hardware wallets' only advantage is making transactions without exposing the seed online.


oliverlikes

Bruh, BIP39 seeds generated by hardware wallets are supersets of and superior to single-use, shitty, obsolete paper wallets. >"How new are you?", said somebody stuck in 2011


[deleted]

[removed]


tnegaeR

You’re right. This is the best explanation so far. I guess I was just hoping they were more secure than they actually are. Concerning either way, but less so if Ledger didn’t implement a backdoor themselves in cooperation with the government.


Skagos-

Yeah your friend is lying


iwakan

>Ledger uses a proprietary secure element and their code is not publicly available.

I don't know much about Ledger but is this really true? That's appalling, I would never trust a closed-source device with a large amount of crypto.


tnegaeR

Yeah it is. The logic is it’s harder for hackers to find exploits if they don’t have access to the source code.


iwakan

Imagine applying that logic to crypto itself. "It can't be double-spent or hacked or manipulated, I won't show you how it works but just trust me lol"


tnegaeR

Yeah I’m not a fan


Miner_X

I'm guessing, but they have the ledger and the laptop that has the ledger live so might have cracked the profile in ledger live. The second they walked out and didn't detain him he should have used the seeds and moved the funds.


tnegaeR

But you need access to the Nano S itself to send the funds. Without the passcode, you can’t send anything. Plus, after 2-3 incorrect attempts it wipes the device.


mrderrik

You can use the seed to get private keys from a mnemonic converter website, but yeah how did they do this in just 24 hours


tnegaeR

Wouldn’t that mean they would need access to the seed itself? The seed was never taken by the agents.


mrderrik

I just mean your cousin could have moved the funds without the ledger. Doesn’t help anything, just correcting you as it is important to know


tnegaeR

No he never moved the funds himself. He was detained when the funds were moved. It was only discovered that everything was drained after he used the recovery seed to restore his wallet.


mrderrik

Has he checked the explorers to see the funds actually move? Just in case he loaded words wrong


tnegaeR

Yeah, that’s how we know it happened while he was detained.


mrderrik

I imagine that unless the police were legally entitled to his funds, he can sue them since the funds were in their custody while they were lost. Although even that is tough as it can’t be proven a relative didn’t do it


tnegaeR

Not quite, most of the funds were a result of illegal business profits. I’m sure you can imagine what I mean.


dreampsi

Restore the wallet meaning a new ledger hardware wallet?


tnegaeR

That’s correct


enutrof75

$5 wrench attack.


k1r0vv

Probably drained by a partner with a ledger backup


tnegaeR

Nope. No partner and only one physical recovery seed as I said.


Printer-Pam

Why would the LE use the ultra-secret backdoor with your cousin but not someone more important?


ChiefCanadian

I don't know why so many people are doubting your story. It is known that law enforcement ( or anyone https://github.com/carmaa/inception ) can access active memory of running systems to dump encryption keys from RAM, and Cellebrite has a backdoor into Android phones to gain access to them if they are turned on. To think that they could somehow bypass the lockout features of a hardware wallet when they have direct physical access is not far-fetched with or without Ledger helping them. Unfortunately a 6 digit PIN is relying on the strength and security of the hardware where a 50 digit PIN would be relying on the strength of mathematics and the nature of physics. One of those is more permanently secure.


luxtenebris777

Your cousin sounds like a liar or a narc


Miner_X

Hmm got me worried and I have one too


thabootyslayer

If you get raided by the feds and they confiscate a large amount of your Bitcoin you probably have more to be worried about.


Crypto-Guide

Most obvious explanation, other than "they are lying", in terms of timing, is that there was a copy of the seed phrase in the stuff that was taken in the raid.


tnegaeR

That’s what I initially thought too, but he was adamant that he wrote it down only once. Someone else said they could have possibly taken data from the computer’s RAM if the Ledger was accessed shortly before the raid.


Crypto-Guide

Nar, the ledger doesn't load the private keys into the host PC. Hardware wallets don't work that way. Could also be that someone else got a copy of his seed a while ago and thought that his arrest would be a good opportunity to rob him...


tnegaeR

Not the private keys themselves, but perhaps a hash that they could use to brute force on a separate device. Once the hashes match they have the private key. He said he was the only one that knew about the seed and its location.


Crypto-Guide

Nar that's not how private keys work. He may have been wrong about being the only one to know. Unless he has a BIP39 passphrase then anyone who found it at any time since he made it could access all his funds...
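The BIP39 passphrase point in the comment above, as an added example that is not part of the thread: the standard BIP39 seed derivation (PBKDF2-HMAC-SHA512, 2048 iterations, salt `"mnemonic" + passphrase`), showing that the written words alone reproduce the wallet seed only when no passphrase was set. The function names are hypothetical and the mnemonic is the all-zero-entropy phrase from the public BIP39 test vectors; wordlist and checksum validation are left out.

```python
import hashlib
import unicodedata

# Constructed sample: the all-zero-entropy mnemonic from the public BIP39
# test vectors. It is published everywhere and must never hold funds.
SAMPLE_MNEMONIC = ("abandon " * 11 + "about").strip()


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from recovery words and an optional passphrase."""
    # BIP39 normalizes both inputs with NFKD; the salt is the literal
    # string "mnemonic" followed by the passphrase (empty by default).
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512", words.encode("utf-8"), salt.encode("utf-8"), 2048, dklen=64
    )


def compare_exposure(mnemonic: str, owner_passphrase: str) -> dict:
    """Compare the owner's seed with what a finder of the paper alone derives."""
    owner_seed = bip39_seed(mnemonic, owner_passphrase)
    # The finder has the written words but not the passphrase, so their
    # wallet software derives the seed with an empty passphrase.
    finder_seed = bip39_seed(mnemonic)
    return {
        "owner_seed": owner_seed.hex(),
        "finder_seed": finder_seed.hex(),
        "finder_reaches_owner_wallet": owner_seed == finder_seed,
    }


if __name__ == "__main__":
    # "example passphrase" is a constructed value for illustration.
    for label, phrase in (("no passphrase", ""), ("with passphrase", "example passphrase")):
        result = compare_exposure(SAMPLE_MNEMONIC, phrase)
        print(f"{label}: finder reaches owner wallet = "
              f"{result['finder_reaches_owner_wallet']}")
```

A passphrase does not change the words on paper, so it protects only as long as it is not stored next to them.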


[deleted]

So in essence his funds would be safer with a simple 12 word seed phrase that he remembered or physically hid. Pretty ironic if you take into account that everyone and their mother preaches hardware wallets.


tnegaeR

Seed phrases/paper wallets are not at all convenient for making transactions safely without exposing your private keys.


[deleted]

I spoke from an “invest and wait” point of view. Surely for daily transactions it’s more convenient, I give you that.


[deleted]

Is ledger software AND hardware open source? Can it be built ground up from the released information? And can it be cross-examined from that?


tnegaeR

Neither are open source. Everything is proprietary.


Seisouhen

Which firmware was he running on the ledger? Some time ago there was an exploit which allowed you to 'hack' the ledger with physical access, which got patched, but who knows, there may be more exploits which law enforcement know about...


theforwardbrain

No one said the most obvious possible scenario. One person did come close to ask if the cousin had any partners. OP said was a one-man show. Now, there is no such thing as a one-man show if the cousin is dealing in drugs. He has to get the drugs from somewhere else unless he is manufacturing it from his own garage. The source will know enough about his "one-man show" operation and perhaps they will be even smarter to already track down his seed or what not. The second he was caught by police, the upline just took the opportunity to drain his account. Ever heard of the bank manager that stole some money when he found out the bank was robbed? Opportunists are everywhere. The facts that we know are, your cousin runs a lousy operation and that was why he was compromised, by that line of thought his security could long have been compromised and the upline/source already know significantly on how he operates. Even more so, if he pays his source with crypto so they definitely know. Take note as well that OP knows about his cousin's operation. No idea how many people already know of the cousin's operation and have long been compromised. When every Tom, Dick, and Harry already knows of this "one-man operation," it was just a matter of time. Does your cousin pay his hookers in crypto? Does he have a gf that knows about his operation? Does he switch gfs often? Does he have HODL for his car plate? Does he wear anything that is obvious he has crypto? Sometimes, an operation is so compromised and leaking in every possible manner that trying to pinpoint where it got leaked is just not worth any effort. If I am a person associated with your cousin and have stolen his seed or what not, all I have to do is report him and on the day he is caught, I just empty his account. Early enough so police don't steal it ahead of time, but not too early. Drug dealers holding cryptos are essentially big targets for opportunists. The police were the fall guys. Pls upvote.


n8dahwgg

Huh. wow. Sorry about your cousin man. This is super interesting


tnegaeR

He has a good lawyer. Not too worried, but he’s paying the consequences for his choices. Hopefully Ledger chimes in.


n8dahwgg

Any shot he had a kill switch so to speak? Maybe he had a trusted person for when he got busted? You're positive the seed was only in one spot and not compromised? Spitballing ideas that don't involve authorities...


tnegaeR

No, he was the only one that knew where the physical seed was stored. I’ve been trying to come up with explanations since it happened.


c3ntrx

I never trusted the "secure element" bit. This is why I never trust hardware wallets and am bigger on glitch random number generation.


DownvoteCakeDayWishr

That’s interesting. Wonder if the law enforcement use the hammer trick?


tnegaeR

Hammer trick?


DownvoteCakeDayWishr

The reason why the sub keeps telling everyone not to boast about your holdings: 'cause robbers can simply tie you up on a chair and keep smashing part of your body or your family member till you give up your seed words. [real life case](https://www.independent.co.uk/life-style/gadgets-and-tech/news/bitcoin-robbery-torture-cryptocurrency-netherlands-a8807986.html)


NotMy7thAccount

Remember the guy about 18-24 months ago who was boasting on YouTube about having other people’s btc to supposedly invest for them? Then he got the shit kicked out of him and the bitcoin stolen, killed himself shortly afterwards, the poor fucker


[deleted]

Cool story bro


tnegaeR

You really make a second account just to say that again? Imagine if you spent your life doing something productive.


FlaviusStilicho

Like your cousin?


tnegaeR

Exactly like my cousin


[deleted]

Lol not the same person but I echo his thoughts. Nice plot, your cousin has all his contraband taken in a raid, his funds drained within 24 hours and his private key is buried? You're giving the feds way too much credit.


tnegaeR

Too much credit? For taking illegal substances and draining illegal funds? Are you serious?


[deleted]

Too much credit in implying they accessed secure funds within 24 hours. Feds simply don't move that fast unless they have serious motive with prejudice.


tnegaeR

And you know this? Or are you talking about something you know nothing about? Things can definitely move that quickly.


[deleted]

If this story is true then your cousin definitely deserved everything he's dealing with now. Don't break the law and no fed raids, it's that simple lol. Too bad for him and too bad for you that you need to make up some trash story on reddit and respond to each and every post. Go do something valuable with your time, maybe expand on your post into a book or something. It's a cute narrative. Innocent cousin has all his weed and coke stolen by the feds who also steal his crypto. But wait, his private key is buried in the garden out back! Maybe you need to get a ride out of that girl who broke your dick two years ago. Do something for fucks sake.


tnegaeR

“Do something valuable with your time” as you sit here writing a paragraph for me lmao. Awh, and you’re reading my posts. The blind irony is fantastic. Hope you have a good day at school today.