Part of the CustodyStress archive of observed Bitcoin custody incidents
CS-00330
The ransomware demanded 0.5 BTC for decryption—ironically more than the user could
BlockedCase description
A user who had held BTC since 2012 stored their wallet on a Windows XP machine. In September 2016, the machine was automatically wiped by a ransomware attack. The wallet had not been backed up externally. The ransomware demanded 0.5 BTC for decryption—ironically more than the user could access without the wallet.
Custody context
| Stress condition | Device loss |
| Custody system | Mobile or software wallet |
| Outcome | Blocked |
| Documentation | Unknown |
| Year observed | 2016 |
| Country | Unknown |
Structural dependencies observed
What this illustrates
The wallet existed only on that device. When the device became inaccessible, there was no other way back in. Access was not recoverable.
Outcome interpretation
Access was not possible under the reported conditions.
Source
Publicly Reported
Evidence type
Forum post
Evidence link
Related cases involving device loss
This archive documents observed custody survivability failures. It does not attempt to document all Bitcoin losses or security incidents.
Submit a case
← All cases
Framework references
Where Bitcoin Custody Intersects Legal and Fiduciary Authority
Where custody creates gaps in estate planning, fiduciary duty, and professional responsibility.
Professional Scope Boundary Matrix
What each professional or product covers, what they do not, and where gaps form between them.
The Independent Assessment Layer in Bitcoin Custody
How independent diagnostic layers emerge when multiple parties depend on shared infrastructure.