BitPay CFO Opened Phishing Email Link that Cost His Company $1.8 million

BitPay apparently filed a claim with Massachusetts Bay Insurance Company (MBIC) in December 2014 that it lost around 5,000 BTC worth around $1.8 million.

In this phishing scam, the scam artist(s) first compromised the email account of the Bitcoin quarterly yBitcoin, David Bailey. Then, Bryan Krohn, the current CFO of BitPay received an email from the compromised account of David Bailey, who requested him to take a look at some modifications on a Google Doc file. Since yBitcoin was discussing about buying the magazine section, it did not raise any suspicion.

When Bryan Krohn entered his login details to view the document, he probably entered it on a phishing website and his account details were stolen at that point.

Later on December 11, the scam artist sent BitPay CEO Stephen Pair an email from Bryan Krohn’s account, requesting to send 1,000 BTC to a wallet address which was supposed to be of SecondMarket. The CEO made the transaction and got another request to send an additional 1,000 BTC, which was also processed from BitPay’s company wallet on Bitstamp.

The saga continued and a day later the scammer again requested 3,000 BTC from the CEO as the CFO, but this time provided a different wallet address. After making the transaction, Stephen Pair sent an email to Gina Guarnaccia from SecondMarket to confirm the transaction. At that point, Gina Guarnaccia replied that she did not purchase the said amount of Bitcoin.

On June 8, BitPay’s claim was denied by Massachusetts Bay Insurance Company, and BitPay sued their insurer for breaching contract. They are also suing MBIC for bad faith, failure to pay, and statutory damages and looking to get $950,000 in damages along with any court fees.

So far none of the involved parties have made any comments regarding the case to the media.

As Bitcoin transactions cannot be reversed it would be very difficult to get back the lost amount or find the people behind this elaborate scam.