Paar Fragen zu Binance, Bitcoin und Ledger

Platz für eure privaten Dinge, Fun-Threads, YouTube-Videos, Kurioses aus Politik und Wirtschaft, etc.
Beiträge: 2279
Registriert: 6. Jan 2013 15:12

Paar Fragen zu Binance, Bitcoin und Ledger

1) Welcher Bericht bei Binance ist für die Kaufs-Beweispflicht fürs Finanzamt maßgeblich bei Bitcoin? Wenn ich also heute Bitcoin bei Binance kaufen würde, welchen Report kann ich dort ausdrucken, damit das FA das Kaufdatum mit Kurs akzeptieren würde? Ein Screenshot oder Foto vom Monitor würde ich jetzt nicht so gut finden. Da muss es ja irgendwo einen Report geben.
Das gleiche dann nach 1 Jahr wieder (falls man dann verkauft).
ich weiß, das man, wenn man länger als 1 Jahr die Bitcoins hält, man eigentlich keine Steuern auf den Gewinn zahlt und es auch nicht seinem FA melden muss. Aber einfach für den Fall der Fälle. Gibt es einen gängigen Report von Einkauf / Verkauf von Bitcoin bei Binance wo alle Finanz relevanten Daten drauf stehen?

2) Hardware Wallet (Ledger Nano S):
PIN (8 stellig) + Ledger + Ledger Live sind eingerichtet. 24 Wort Phrasen gesichert.
Fiktives Beispiel:
Ledger + Pin für immer verloren (Brand). Es gibt nie mehr einen Ledger zu kaufen. Ledger pleite Insolvenz what ever.

Man hat aber seine 24 Wort Phrasen notiert. Zettel mit den 24 Phrasen ist also vorhanden. Mehr aber nicht.

Kann man sich jetzt bei jeder (vertrauensvolle) Wallet-Software wieder seine Bitcoins per 24 Phrasen aufrufen und man hat wieder Zugang zu seinen Bitcoins?
Also wenn alles (außer die Blockchain selbst) in Rauch aufgeht, kann man mit seinen 24 Phrasen immer an seine Bitcoins kommen, egal mit welchem Anbieter ich die Wallet erstellt habe?

3 Monate gratis Händlerbund
Beiträge: 3
Registriert: 25. Jul 2019 15:13
Land: Deutschland

Re: Paar Fragen zu Binance, Bitcoin und Ledger

Zu 1) Ich habe zwar keinen Account bei Binance, mache aber meinen Steuerreport mit CoinTracking, die haben u.a. auch eine Schnittstelle zu Binance. Einfacher geht es imho nicht. Bis 200 Transaktionen ist CoinTracking kostenlos. Alternativ CryptoTax, was bis 50 Transaktionen kostenlos ist.

Zu 2) Ja, mit der Seed-Phrase kannst du mit nahezu jeder beliebigen Wallet auf deine Bitcoin zugreifen
Beiträge: 3640
Registriert: 5. Jul 2015 13:06
Land: Deutschland

Re: Paar Fragen zu Binance, Bitcoin und Ledger

Apropos Ledger-PIN, ich habe sowas hier bekommen (Hardware-Wallet):

Dear client,

We regret to inform you that Ledger has experienced a security breach affecting approximately 86,000 of our customers and that the wallet associated with your e-mail address (meine E-Mail-Adresse) is within those affected by the breach.

Namely, on Tuesday, December 8th 2020, our forensics team has found several of the Ledger Live administrative servers to be infected with malware.

At this moment, it's technically impossible to conclusively assess the severity and the scope of the data breach. Due to these circumstances, we must assume that your cryptocurrency assets are at risk of being stolen.

If you're receiving this e-mail, it's because you've been affected by the breach. In order to protect your assets, please download the latest version of Ledger Live and follow the instructions to set up a new PIN for your wallet.


Und natürlich gab es nach diesem Vorfall diverse maßgeschneiderte Pishing-Versuche auf die betroffene E-Mail-Adresse. Die Schattenseiten des Bitcoins begleiten einen auf Schritt und Tritt - es wird versucht, die Wallet zu hacken, manch Börsen-Handelsplatz ist von heute auf morgen pleite und offline, das Giro wird einem plötzlich wegen diffuser Bitcoin-Theorien reflexartig gekündigt, vgl. ... it-bitcoin. Was ein Scheiß.
Beiträge: 2279
Registriert: 6. Jan 2013 15:12

Re: Paar Fragen zu Binance, Bitcoin und Ledger


Wann genau hast du diese Mail bekommen?
Beiträge: 3640
Registriert: 5. Jul 2015 13:06
Land: Deutschland

Re: Paar Fragen zu Binance, Bitcoin und Ledger

Danke der Nachfrage. Ich habe die E-Mail am 23.11.2020 bekommen, dabei handelt es sich allerdings um eine extrem gut gemachte Pishing-E-Mail, wie ich jetzt erst gerade sehe - ist aber nix passiert, da ich grundsätzlich nicht auf Links in E-Mails klicke. Andere Pishing-E-Mails sind mit einer kriminellen Energie handgestrickt, wie ich es in den letzten 20 Jahren noch nie erlebt habe. Nach alledem würde ich einfach mal behaupten, dass es kaum möglich ist, Kryptowährungen ohne Risiko des Totalverlustes zu verwahren.

Die tatsächlichen E-Mails von Ledger:

am 29. Juli 2020 ging es los:
Our ecommerce and marketing database leaked, we immediately fixed the breach. Contact and order details were involved. Your funds are safe.

What happened?

On the 14th of July 2020, a co mputer researcher that participated in our bug bounty program notified us of a potential data breach on the Ledger website. We immediately fixed the breach after receiving the researcher’s report and undertook an internal and external investigation of the situation. While conducting the investigation, we discovered an unauthorized third party had gained access to customer information.

What personal information was involved?

Contact and order details were involved. This is mostly the email address of our customers. Further to investigating the situation we have also been able to establish that, for a subset of customers were also exposed: first and last name, postal address, phone number and ordered products. Due to the scope of this breach and our commitment to our customers, we have decided to inform all of our customers about this situation.

Payment information, credentials (passwords) or crypto funds are not impacted by this data breach. This data breach has no link nor impact on our hardware wallets and the Ledger Live application. Your crypto assets are safe and are not in peril.

What we have done, what we are doing

We have taken immediate action on 14th of July 2020, to resolve the data breach.

On the 17th of July, we notified the CNIL -- the French Data Protection Authority -- about this data breach and are continuing to work with authorities throughout the legal process.

We are continuously monitoring for evidence of our customers’ contact details being disclosed on the internet, and have found none thus far. We also performed an internal penetration test.

We are currently in the process of filing a complaint before the French public prosecutor regarding the unauthorized access and we will support law enforcement investigation.

We are extremely regretful for this incident. We take privacy very seriously, and we sincerely apologize for the inconvenience this matter may cause you.

What you can do

We recommend you exercise caution -- always be mindful of phishing attempts by malicious scammers.

As a reminder, Ledger will never ask you for the 24 words of your recovery phrase. If you receive an email that looks like it came from Ledger asking for your 24 words, you should definitely consider it a phishing attempt.

We suggest you visit Ledger Academy security section to educate yourself on general security principles and more precisely our article about phishing attacks.

am 3. November 2020 geht es weiter:
Sehr geehrte Kundin,

Wir bedauern, Ihnen mitteilen zu müssen, dass es in Ledger zu einer Sicherheitsverletzung gekommen ist. Betroffen sind etwa 46.000 unserer Kunden. Leider ist auch das mit Ihrer E-Mail-Adresse verknüpfte Wallet (meine E-Mail-Adresse) von der Verletzung betroffen.

Am 2. November 2020 hat unser Forensikteam festgestellt, dass mehrere der Verwaltungsserver von Ledger Live mit Malware infiziert sind.

Derzeit ist es technisch unmöglich, die Schwere und Reichweite der Sicherheitsverletzung abschließend festzustellen. Aufgrund dieser Gegebenheiten müssen wir davon ausgehen, dass für Ihre Kryptowährungs-Assets das Risiko besteht, entwendet zu werden.

Sie erhalten diese E-Mail, weil Sie von dem Vorfall ebenfalls betroffen sind. Um Ihre Assets zu schützen, laden Sie bitte die neueste Version von Ledger Live herunter und folgen Sie den Anweisungen, um eine neue PIN für Ihr Wallet festzulegen.

Mit freundlichen Grüßen,

am 21.12.2020 dann nochmals
What happened?

We contacted our customers last July to tell them that part of our e-commerce marketing database had been leaked.

Yesterday we were informed about the dump of the content of a Ledger customer database on Raidforum. We believe this to be the contents of our e-commerce database from June, 2020. For specific questions please refer to the FAQ, which we will continue to update to address your concerns.

What information was involved?

At the time of the incident, in July, we engaged an external security organisation to conduct a forensic review of the logs available. This review of the logs enabled us to confirm that approximately 1 million email addresses had been stolen as well as 9,532 more detailed personal information (postal addresses, name, surname and phone number) that we were able to specifically identify.

The database publicly released yesterday shows that a larger subset of detailed information has been leaked, approximately 272,000 detailed information such as postal address, last name, first name and telephone number of our customers. These details are not available in the logs that we were able to analyse.

If you are part of the detailed personal information subset, you will receive a specific email notifying you within the next 24 hours (check your spam box).

It is important to note that this data breach is not linked to our hardware wallets nor Ledger Live security and your crypto assets are safe and not in peril of being compromised. Due to our comprehensive security scheme, attackers cannot steal your sensitive information like recovery phrases and private keys unless you give it to them. You are the only one in control and able to access this information. DO NOT GIVE YOUR 24 WORDS TO ANYONE. Ledger will NEVER ask you for your 24 words.

What we are doing

Since July, we notified our clients in several communications via email, blog posts, and Twitter. We are doing everything possible to make Ledger stronger for the future. We have hired a new Chief Information Security Officer (CISO). We are further hardening our already strong systems and have thoroughly reviewed our data policy. We executed penetration tests and forensic analysis with external security firms to test these and find any additional vulnerabilities on our e-commerce systems.

We are continuously working with law enforcement to prosecute hackers and stop these scammers. We have taken down more than 170 phishing websites since the original breach. We have notified the French data protection authority regarding the data breach and are working with other data protection authorities across the world. Our Customer Support team is working 24/7 to answer your questions.
We are doing everything we can to proactively deal with this critical situation and prevent anything similar in the future. We wish we could turn back the hands of time and make this problem disappear. Unfortunately we cannot, so we are focused on today and the future. Please be sure we are more focused than ever on security in every part of our customer experience.

What you can do

We recommend you exercise caution -- always be mindful of phishing attempts by malicious scammers. Ledger will never ask you for the 24 words of your recovery phrase, not even in Ledger Live. Ledger will never contact you via text messages or phone call.

Furthermore, while we do all we can, we suggest you visit the security section of Ledger Academy to educate yourself on general security principles and more precisely our article about phishing attacks. Also, familiarize yourself with the anatomy of these ongoing phishing campaigns and report any phishing you experience on this dedicated page.

If you want to know if your information may have been exposed previously head to

We have taken immediate action to resolve the damage, and are diligently working to protect all customer information. We are extremely regretful that this incident impacts our customers and recognize it will take time to restore your confidence. We will do everything in our power to show you that this has made Ledger better, stronger, and more secure.

Pascal Gauthier
CEO, Ledger

Zurück zu „Spielwiese - Offtopic“

  • Information