No. It is not possible, due to the technology and the encryption algorithms used, to steal bitcoins from the system. You cannot crack a private key and appropriate the funds.
From a definition provided by Bellaj Badr, CTO and founder of Mchain: "A Bitcoin private key (ECC key) is an integer between one and about 10^77. This may not seem like much of a selection, but for practical purposes it's essentially infinite. If you could process one trillion private keys per second, it would take more than one million times the age of the universe to count them all. Even worse, just enumerating these keys would consume more than the total energy output of the sun for 32 years. This vast keyspace plays a fundamental role in securing the Bitcoin network[34]."
It's different if, instead, we consider the theft of bitcoins to the users or the loss of the private keys.
According to a ranking provided by Airbitz Inc., the largest threats to user funds are, in order of statistical significance[35]:
- User error (lost devices, lost backups, etc.)
- Social engineering (phishing, SIM port, etc.)
- Third Party Custodial Risk (exchange or bank hack, fraud)
- Malware (keyloggers, screen captures) 5 Physical attack (wrench/gun/knife attack)
As mentioned above, if we use an app that does not allow us to backup our private keys and lose our device, we have lost funds. Therefore always use applications that allow you to transcribe private keys.
It goes without saying that if we lose our paper wallet containing the private keys backup we are screwed again. User error is, as in many other areas, in the first place among the causes of loss of funds.
The second cause is the attack by other people using so-called social engineering, which is realized in particular through phishing.
Phishing is a type of online scam that involves trying to get the victim to release sensitive data, in this case access to our electronic wallet.
This scam takes place mainly through communication channels such as e-mail and messaging (Telegram, WhatsApp): the attacker usually sends the link to a seemingly reliable site and asks to enter private keys, or even directly asks the user for them.
Custody of funds with third parties typically occurs when the user leaves his bitcoins on an exchange which, being a centralized system, is exposed to all the risks inherent in such a system: hacking, DDoS attacks, technical downtimes, etc. There are many cases of violated exchange and deprived of user funds. The most striking case is certainly that of MtGox, an exchange with a troubled history of investigations, hacking and bankruptcies. Because of the hacker attacks, the company lost around 850,000 bitcoins, which when compared to today's value of bitcoins in USD make over 8 billion dollars.
The last major attack to an exchange occurred in May 2019 against Binance. 7000 bitcoins were stolen in a single transaction without the exchange realizing it!
The press tends, intentionally or by simple ignorance, to associate these attacks and these losses with an alleged lack of security of the Bitcoin network. This is absolutely false because, as we have said, exchanges, centralized systems exposed to the same identical risks as credit institutions, or users, not the Bitcoin network, were and still are attacked.
For all the situations described above, the following applies: " not your keys, not your bitcoins".
The user who approaches Bitcoin needs to understand that the funds are managed entirely by him and not by a third party. We are our bank and we must secure our money.
There is very little to say about physical attack: always protect yourself and your loved ones, even before your money. The only suggestion I can give you is to use a lark mirror: leave few funds on a paper wallet and put it in a place that is easily accessible. If criminals ever force you to give them your bitcoins, you can give this paper wallet, knowing you haven't lost your entire capital.