Part of the CustodyStress archive of observed Bitcoin custody incidents
CS-00570
The ransomware encrypted the wallet file and demanded payment in Bitcoin — a payment
BlockedCase description
A user who maintained their wallet on an old Windows XP machine found the machine had been infected with ransomware in September 2018. The ransomware encrypted the wallet file and demanded payment in Bitcoin — a payment the user could not make without access to their wallet. A decryption tool was eventually released but it arrived after the wallet passphrase had also been forgotten.
Custody context
| Stress condition | Device loss |
| Custody system | Mobile or software wallet |
| Outcome | Blocked |
| Documentation | Unknown |
| Year observed | 2018 |
| Country | Unknown |
Structural dependencies observed
What this illustrates
The wallet existed only on that device. When the device became inaccessible, there was no other way back in. Access was not recoverable.
Outcome interpretation
Access was not possible under the reported conditions.
Source
Publicly Reported
Evidence type
Forum post
Evidence link
Related cases involving device loss
This archive documents observed custody survivability failures. It does not attempt to document all Bitcoin losses or security incidents.
Submit a case
← All cases
Framework references
Where Bitcoin Custody Intersects Legal and Fiduciary Authority
Where custody creates gaps in estate planning, fiduciary duty, and professional responsibility.
Professional Scope Boundary Matrix
What each professional or product covers, what they do not, and where gaps form between them.
The Independent Assessment Layer in Bitcoin Custody
How independent diagnostic layers emerge when multiple parties depend on shared infrastructure.