A Hidden Camera Filmed Him Typing 12 Words. That Was the Whole Hack — and $176 Million in Bitcoin Walked Out the Door.
There is a Bitcoin theft case in the UK High Court right now that every self-custodian should make themselves sit with, because it strips the problem down to its bones. According to court filings, Ping Fai Yuen kept 2,323 BTC on a Trezor hardware wallet — the responsible choice, the one this entire industry tells you to make, keys held offline and out of reach of exchanges and remote attackers. On October 15, 2023, his estranged wife, Fun Yung Li, and her sister visited his home. While they were there, the filings allege, a concealed camera recorded him entering his seed phrase and access codes into the device. That was the attack. Not a phishing site, not malware, not a breached exchange, not a cracked algorithm. A camera, pointed at the one moment the complete secret had to exist in the open. The coins were worth roughly $4.3 million that day. By early 2025 the same 2,323 BTC were worth more than $176 million, and on December 21, 2023, on-chain analysis showed them split across seventeen wallets, where they have sat untouched since.
The detail that should unsettle you is how little had to go wrong. The hardware wallet worked exactly as designed. A Trezor's whole purpose is to keep the private key off the internet and out of any computer's memory, and it did — at no point was the device hacked, the firmware compromised, or the cryptography broken. Ledger's standard line about its own phishing incidents applies here word for word: the scam targets users, not devices. The key never leaked through the silicon. It leaked through the air in front of the screen, in the few seconds it takes a human being to read twelve words off a card and type them in. Self-custody quietly assumes that moment is private. The case is a demonstration of what happens when it isn't.
This is sometimes called an observation attack, and it is older than crypto — it is shoulder-surfing a PIN, reading a password over someone's shoulder, photographing a combination — but Bitcoin makes it absolute in a way almost nothing else does. When someone watches you type your email password, they get your email until you change it. When someone records your complete seed phrase, they get everything the seed controls, permanently, the instant they reproduce it on their own device, with no second factor to fail over to, no fraud department to call, no clawback, no reset. The seed phrase is not a password. It is the entire wallet, expressed as words. And the cruelty of the format is that to use it, restore it, or verify it, you eventually have to assemble the whole thing in one place at one time — exactly the configuration a camera, a compromised phone, or a person across the table is built to capture.
It would be comforting to file this under "domestic betrayal" and move on, as though the lesson were merely about who you let into your house. That reading is too small. The structural fact is that the attacker did not need to break anything; they only needed to observe a routine, sanctioned, by-the-book act of self-custody at the single instant it exposed the complete secret. That instant happens to everyone. You face it the day you set the wallet up, every time you restore from backup, every time you anxiously check that the words you wrote down are still correct, every time you migrate to a new device. The threat does not require a scheming relative. It requires a phone on a shelf, a webcam left on, a "smart" TV, a reflection in a window, malware quietly screen-recording a laptop, or a single careless photo — the same class of mistake that, in a separate 2026 case, leaked a seed from a tax authority's own photographed records and drained millions. The living-room camera is just the most cinematic version of a vulnerability that is always present wherever a whole secret must briefly become visible.
Notice, too, that the standard hierarchy of advice does nothing here. "Use a hardware wallet" — he did. "Keep your keys off exchanges and out of hot wallets" — he had. "Never type your seed into a website" — he never did; he typed it into the correct device, the one he was supposed to trust. Every rule on the canonical list was followed, and $176 million still left through a gap that none of those rules addresses, because all of them are about where the secret is stored and none of them are about the moment the secret is whole. That gap is not an edge case. It is the load-bearing assumption underneath the entire model: that there exists, somewhere, a complete copy of your seed, and that you can be trusted to handle it in private when the time comes. The case is what happens when that assumption is wrong exactly once.
This is the precise weakness threshold custody is built to remove, and it is worth being concrete about why, because the mechanism is the whole point. With Shamir's Secret Sharing, your encrypted seed phrase is split into a set of shares — say a 3-of-5 — and the complete secret is never written down, stored, or assembled in one place during normal handling. Each share, on its own, discloses nothing: below the threshold, Shamir's scheme reveals not "a little" about the seed but information-theoretically nothing, every possible phrase equally consistent with what an observer holds. A camera that films you handling a single share films something mathematically useless. To photograph the whole secret the way the camera in this case did, an attacker would need to observe a threshold number of shares being brought together — across separate locations, separate custodians, separate moments — rather than catching one person reciting one card in one room. The single recordable instant, the thing the entire attack depended on, simply does not occur.
It would be dishonest to oversell this, and the honest version is stronger anyway. Threshold custody does not make you invisible, and it does not save you if you defeat it yourself — if you reconstruct your full seed on a compromised laptop with a camera behind you, or photograph all your shares into the same cloud album, you have rebuilt the single point of exposure by hand, and no scheme survives that. It also will not stop a sufficiently invasive adversary from trying to watch a reconstruction event, which is why reconstruction should be rare, deliberate, and done with the same care you would once have given the seed itself. What it changes is the baseline: in the ordinary life of the wallet — setup, backup, the nervous "is it still right" check, migration — there is no moment when the complete secret sits in front of a lens. You are not asking yourself to be lucky every time the whole phrase becomes visible. You are arranging things so the whole phrase is almost never visible at all.
The reason this case belongs on a site about threshold custody is not schadenfreude and not fear-mongering; it is that it isolates the variable so cleanly. Strip away the relationship, the courtroom, the eye-watering appreciation from $4.3 million to $176 million, and what remains is a single sentence: the secret existed, complete, in one observable place, for a few seconds, and that was enough. Every honest defense has to answer that sentence. Storing the secret better does not — it is still complete and still must be assembled to be used. Hiding it on a fancier device does not — it still has to be entered and restored. The only answer that addresses the sentence directly is to make sure the complete secret has no single place and no single moment to be observed. That is not a tweak to self-custody. It is the part the cameras can't see.
seQRets is built on exactly that. Your encrypted seed phrase, split into QR-encoded threshold shares and distributed across the locations and people you choose — no servers, no accounts, and no single instant when the whole secret sits in front of a screen, a lens, or a person who shouldn't be watching. The hardware wallet in this case did everything right. The problem was never the device. It was the one moment the secret had to be whole — and that is the moment threshold custody is designed to erase.