YouTube personality Ian Balina has had a very successful run in the cryptocurrency market starting with 2017’s bull run. The fledgling Youtube channel amassed a following of over 100K subscribers, and Ian’s crypto investments have reached over $3 million in value, according to screenshots he shared via related social media accounts.
However, sharing screenshots of his portfolio via social media has made Balina a target for hackers, who have come away successful in stealing the YouTube celebrity’s funds.
Balina, who often live-streamed via his YouTube channel, was in the midst of reviewing an initial coin offering live on his YouTube when the livestream was cut short. Balina, who can be seen with a distraught look on his face, interrupts his livestream with a “what the heck,” followed by an “I’ll have to finish this later,” and brings his stream to a close. Balina says he noticed something was fishy when he was required to sign back into a Google spreadsheet he was in the midst of updating.
Balina then took to his Twitter account to share the following message:
In total, Balina was hacked for over $2M in Ether.
Security in the crypto space is more important than others due to the potential wealth associated with cryptocurrencies, and the pseudo-anonymous nature of many tokens making them an easy target for cyber-criminals. Balina’s boasting about his portfolio gains on a public platform like Twitter made him a target. Leaving too many vulnerabilities open in the way he set up his crypto-related accounts, made him an easy one.
Balina had left his private keys to his crypto wallets on cloud-based note-taking app Evernote. The program’s password was reset, sending a new password email to his compromised Gmail account. Hackers had already gained access to his Gmail account, by the way of his account backup email – which was an old college email account that Balina had received a note about being targeted, but disregarded assuming it was an old unused account. The account trail led hackers directly to Balina’s crypto assets – which were then transferred out of his account.
Balina is asking the crypto community for assistance in tracking down the hackers, and has written off the money as a lesson learned.
The real lessons here are: never store private keys on a computer, mobile device, or cloud service that someone else could gain access to. And never, ever share your earnings or portfolio publicly.