See More

Fenbushi Capital Partner Loses $42 Million in Personal Funds From Supposed Leaked Seed Phrase

3 mins
Updated by Ryan James
Join our Trading Community on Telegram

In Brief

  • Fenbushi Capital Bo Shen loses $42 million in personal funds, including $38 million of USDC.
  • While details are unclear, it is suspected that the hack occurred through a compromised seed phrase.
  • The hack serves as a timely reminder to maintain good security practices when managing your own crypto.
  • promo

Fenbushi Capital managing partner Bo Shen has lost $42 million worth of personal crypto through a wallet hack allegedly caused by a compromised seed phrase.

Bo Shen said that no funds from Fenbushi, a blockchain-focused venture capital firm in Asia, were compromised in the attack that lost him $38 million USDC. 

Bo Shen added that local law enforcement, the Federal Bureau of Investigation, and attorneys were working on the case.

Bo Shen attack reminds crypto users about security lapses

The attack on the wallet belonging to Bo Shen comes as confidence in the crypto industry is on shaky ground after the implosion of the Bahamian exchange FTX. Several traditional banks that did business with crypto firms have been left holding the bag as crypto deposits dwindle and loans borrowed by crypto companies are not serviced.

Hollywood star Bill Murray lost 119.2 ETH after an NFT charity auction in Sep. 2022. The auction was held in partnership with Coinbase. Hackers transferred the stolen funds to wallets on two centralized exchanges using fake identification. The hacker likely got access to Murray’s wallet through a compromised seed phrase that exposed his private key. Fortunately for Murray, a Coinbase user donated $187,500 worth of ETH to replace the stolen funds.

Additionally, FTX lost $400 million in a recent hack, with the hacker sideloading malware onto the FTX app. They converted stolen ETH to renBTC for bridging onto the Bitcoin network. Investigators predicted they would pass the BTC through a bitcoin mixer to obscure the money trail.

While phishing attacks on customers like centralized exchanges are common using social engineering techniques, a somewhat less popular phishing method targets more tech-savvy crypto users that hold crypto in self-custodial wallets.

A wallet holder can receive an email with the promise of a crypto giveaway. As in a classic phishing scenario, scammers prompt a user to click on a link to a bogus website. After that, the user sees various popular wallets, including MetaMask,, Coinbase, Binance, and Exodus. The scammers then prompt the use to click on the brand of their wallet and enter their seed phrase. If the seed phrase entered is correct, the user will likely lose most of their crypto.

Bo Shen wallet possibly hacked by acquiring seed phrases

Attacks like the one on Bo Shen are a timely reminder of the importance of keeping one’s seed phrase safe. While holding crypto in a self-custodial wallet, i.e., a wallet not controlled by a third party like Coinbase, the user is responsible to minimize loss. A wallet is essentially a software storage container for public and private crypto keys.

A private key is a long string of numbers that can be tedious to use. Accordingly, a wallet vendor will often provide a more user-friendly 12-24 word seed phrase or mnemonic that represents the key. Using cryptographic techniques, the user’s public and private keys can be derived from the mnemonic.

Since hackers can derive a user’s private key from the mnemonic, it is crucial to write the mnemonic down. After that, store it in a safe place, such as a locked drawer or a safe. It is advisable to secure multiple copies of the mnemonic, perhaps in a safety deposit box at a bank, a locked drawer, and a safe.

It is advisable never to store the mnemonic digitally since it holds the information needed to recreate your private key. If a criminal gains access to the mnemonic, they can drain your crypto wallet.

For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.

Top crypto projects in the US | May 2024



In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C,...