El Salvador’s Bitcoin Wallet Compromised, Hackers Leak Code

Following the significant data breach involving the user database of Chivo in early April, the hacker group CiberInteligenciaSV has now escalated its activities by releasing the wallet’s code.

In a continuing development around El Salvador’s government-run Bitcoin wallet, Chivo, further sensitive details have been exposed by hackers.

Just in:

Hackers have leaked the code of El Salvador's state #Bitcoin wallet, #Chivo, continuing the saga of security breaches.

This follows the exposure of personal data of 5.1 million Salvadorans earlier in April. Concerns grow as the government remains silent on the issue.… pic.twitter.com/TGjQU41KOo

— Crypto Fusion (@cryptofusionorg) April 24, 2024

On April 23, the hacker group CiberInteligenciaSV shared portions of the source code on the underground hacking forum BreachForums.

The group’s post indicated their ongoing approach of not selling the information but instead making it freely available.

“This time I bring you the code that is inside the Bitcoin Chivo Wallet ATMs in El Salvador, remember that it is a government wallet, and as you know, we do not sell, we publish everything for free for you,” the hackers stated.

NEWS: A hacker group leaked parts of the #Bitcoin wallet's #Chivo source code, exposing personal data of millions of people in El #Salvador, with no government response yet to the breach.

Check: https://t.co/dNdfOu0128 pic.twitter.com/R4YmxeX8aO

— EDNS Domains (@ednsdomains) April 24, 2024

This breach is part of a series of security issues for Chivo, beginning with the extensive leak of personal information of approximately 5.1 million Salvadorans—virtually the entire adult population of the country—earlier in April.

VenariX, a local cybersecurity initiative, took to social media on April 22 to alert the public to the impending code leak, citing CiberInteligenciaSV’s announcements on Telegram about their plans to release the source code.

“Tonight we will publish part of the source code and VPN access that belongs to Chivo Wallet, for free as always, unless one of you nosy government people wants to talk,” read a post from the group’s Telegram channel.

Cybercrime group CiberInteligenciaSV has published some of the source code related to El Salvador’s Bitcoin ATM network on a public black hat-hacking crime forum.@tikta_ reportshttps://t.co/4Y7ZiK6wOe

— Laura Shin (@laurashin) April 24, 2024

Additionally, CiberInteligenciaSV released a file named Codigo.rar, which contains a collection of code and VPN credentials for the Chivo Wallet ATM network.

El Salvador made history in September 2021 by being the first country to declare Bitcoin as legal tender.

The Chivo wallet was introduced as the official Bitcoin wallet for the Salvadoran populace, facilitating the purchase, sale, storage, and withdrawal of Bitcoin via ATMs.

Despite its groundbreaking introduction, the Chivo wallet experienced a rocky start with several reported bugs and technical issues.

The government of El Salvador is yet to address the massive data hack against its Chivo wallet and ATMs. Here's the latest.#ElSalvador #Chivo #Hackhttps://t.co/Ph3hljgYpG

— Cryptonews.com (@cryptonews) April 24, 2024

While early April brought to light the hack involving personal data, the Salvadoran government has remained silent on these developments, leaving many questions unanswered and contributing to the uncertainty surrounding the state of cybersecurity in relation to the national Bitcoin wallet.

About The Author