In brief

  • Podcast host Eric Savics had been saving up Bitcoin using dollar-cost averaging for seven years.
  • He had managed to build up a stash of 12 Bitcoin, worth $113,000.
  • When he downloaded a malicious app from the Google Chrome store, he lost all of it.

Entrepreneur and host of the "Protocol Podcast" Eric Savics has lost his entire Bitcoin savings—12 Bitcoin, worth $113,000—in a phishing attack, as a result of downloading a malicious version of the KeepKey Bitcoin wallet.

KeepKey is a Bitcoin wallet focused on security. Image: KeepKey.

Savics has since reached out to the community for help but these events are usually irreversible. “I had all of my Bitcoin stolen from me in a hardware wallet phishing scam. Has anyone ever successfully retrieved stolen Bitcoin? Any help or guidance would be appreciated,” he tweeted today.

Jameson Lopp, CTO of Casa, which builds security software, replied, “Sorry for your loss; never enter a seed phrase into a computer.”

The podcast host, who had been slowly building up his Bitcoin stash since 2013, had used the KeepKey Bitcoin client on his desktop and decided to download its corresponding app. But when he downloaded it from the Google Chrome store and entered his recovery phrase (used to generate a Bitcoin private key, which operates as a password for the funds), his Bitcoin was swiftly stolen.

One person has expressed sympathy with his situation. "Eric can you post a BTC address I will donate some to get your balance off zero," tweeted a pseudonymous Bitcoiner known as OrangeDog.

In retrospect, Savics said he realized that the wallet was fake due to a typo. “Look at this screenshot, I only noticed now. But the scammers spelt phrase wrong,” he added.

Crypto exchange ShapeShift, which operates the KeepKey wallet, warned last week that there are fake KeepKey apps in the Google Chrome store. “We will never ask you for your 12 word seed phrase, if anyone does that is a scam. Phishing attempts, such as these fake wallet apps, can lead to users losing their crypto,” it warned.

Google has long had a problem with fake crypto wallet apps and extensions. In April, it removed 49 fake crypto wallet extensions that mimicked popular platforms like Ledger, MyEtherWallet and Trezor. Perhaps it needs to start flushing out the Google Chrome store too.

This article has been updated to no longer state that Casa builds Bitcoin nodes, since they have stopped doing so.