El Salvador’s Bitcoin wallet, Chivo, victim of a massive data leak

El Salvador is facing a major cybersecurity crisis: the official Salvador’s Bitcoin wallet, Chivo, has been hacked. The hacker group CiberInteligenciaSV leaked the source code and VPN accesses, exposing the application to serious security flaws.

Security flaw detected in El Salvador’s Chivo Wallet

After revealing in early April a database containing personal information of more than 5 million Salvadorian users of Chivo Wallet, almost the entire adult population, the hacker group CiberInteligenciaSV dealt another blow to the national bitcoin wallet.

This Tuesday, April 23, the pirates published on the hacking BreachForums elements of the source code of Chivo as well as VPN network access credentials. They claim that the code comes directly from inside the bitcoin distributors Chivo deployed in the country.

This time I bring you the code inside the Bitcoin Chivo Wallet ATMs in El Salvador, remember this is a government wallet, and as you know, we don’t sell, we publish everything for free for you.

Statement from the hacker group

This leak poses a serious risk to the security and integrity of the Chivo Wallet. Disclosure of the source code exposes the inner workings of the software and could enable attackers to discover new vulnerabilities to exploit.

DCent, hardware wallet, Wallet DCent, Coinpri, DCENT discount, Promo DCent wallet, hardware crypto wallet, crypto security, promo, hack, scam, crypto, protect crypto wallet, drain
You should use Dcent Wallet instead to store your BTC if you are in El Salvador!

As for the theft of VPN access, it opens the door to potential intrusions on the network to intercept or manipulate data, thus compromising the confidentiality and security of users’ transactions.

Chivo Wallet, the dark side of El Salvador’s crypto adoption?

Becoming in September 2021 the first state in the world to make bitcoin a legal currency, El Salvador has implemented Chivo Wallet as an official wallet enabling citizens to use BTC on a daily basis. But the president’s flagship project Nayib Bukele accumulates security problems.

Already in September, numerous bugs and flaws had disrupted the application’s launch. Then in early April, the disclosure of a database of over 5 million users constituted a massive breach of personal data.

This latest leak of Chivo Wallet’s source code and VPN access is likely to deal a further blow to Salvadorans’ confidence in the national wallet and, more broadly, in the government’s bitcoin strategy.

Bottom line, this latest incident comes at the worst possible time for El Salvador which is already the target of fierce criticism from international institutions such as the IMF regarding its bitcoin adoption policy.

Furthermore, it is important to note that self-hosted wallets, whether managed by governments or individuals, are not immune to cyber-attacks. For users wishing to protect their assets, it is therefore advisable to turn to secure storage solutions, such as hardware wallets D’CENT.