Crypto firm spent €300k on cybersecurity after employee stole its source code

Company discovered theft following leaked photos of company laptop

A cryptocurrency company was forced to spend more than €300,000 on external cybersecurity experts after an employee stole its source code to sell to hackers, a court has heard.

The 32-year-old software engineer, whose name is banned from publication by court order, pleaded guilty in February to a raft of charges, including the unlawful access, use, and modification of computer data. The charges were aggravated by his employment status.

Despite the man's guilty plea, the court continued to hear testimony in the case on Tuesday. 

Testifying before Magistrate Gabriella Vella, the firm’s head of cloud infrastructure and security detailed the massive corporate response required to contain the breach. The company diverted 40 employees to secure their systems, rotated access credentials and alerted financial regulators in two countries.

The stolen data included a full copy of the company's source code - described in court as the "blueprint" of the business - and the company worried that malicious actors could replicate their business model or exploit vulnerabilities. The firm is already frequently targeted by hackers, the witness testified. 

The security breach was discovered when the company received a tip-off, in the form of a photo of a company-issued MacBook Pro laptop displaying an internal administrative panel. 

Because the panel could only be accessed from a company device, investigators narrowed their focus to 15 employees. A second leaked photograph revealed the accused's username.

Company investigators conducted a site visit at the firm's Malta office and discovered that the engineer had executed a massive bulk download of the source code after an initial failed attempt. The data was contained to the accused’s laptop.

Under cross-examination, the security chief dismissed defence claims that the engineer was slated for a promotion at the time of the theft. Instead, the witness noted the employee was facing a role change that amounted to a salary "degradation."

Officers from the Police Cybercrime Unit also presented their reports during Tuesday's sitting.

Defence lawyer Christian Camilleri requested a pre-sentencing report for the accused.

The case was adjourned to next week, when the defence will confirm whether it will cross-examine further witnesses.

The prosecution is being led by AG lawyer Marica Ciantar and Police Inspector Marcus Cachia. Lawyer Stefano Filletti is appearing in parte civile for the company.

Sign up to our free newsletters

Get the best updates straight to your inbox:

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.