‘Blockchain Bandit’ Has Stolen 45,000 ETH by Guessing Weak Private Keys, Report Claims

Published at: April 23, 2019

A “blockchain bandit” has managed to amass almost 45,000 ether (ETH) by successfully guessing weak private keys, according to a report released by Independent Security Evaluators on April 23.

Adrian Bednarek, a senior security analyst, said he discovered the sophisticated hacker by accident. While guessing a private key is meant to be a statistical improbability, he managed to uncover 732 private keys through his research, giving him the ability to complete transactions as if he were the account holder.

The report notes that, rather than running a brute-force search for random private keys, the researchers combined searches for faulty code and for faulty random number generators.

Bednarek then noticed that some of the wallets associated with the weak private keys they had found showed high volumes of transactions going to a single address, with no money coming back out. Bednarek said:

“There was a guy who had an address who was going around and siphoning money from some of the keys we had access to. We found 735 private keys, he happened to take money from 12 of those keys we also had access to. It’s statistically improbable he would guess those keys by chance, so he was probably doing the same thing […] he was basically stealing funds as soon as they came into people’s wallets.”

At the height of ether’s value, it is estimated that the bandit’s haul would have been worth more than $50 million. At the time of writing, the funds would be valued at approximately $7.8 million.

According to Bednarek, the private keys may have been vulnerable because of coding errors in the software responsible for generating them. Another theory is that crypto owners who obtain private keys through passphrases are generating identical ones by using weak entries such as “abc123,” or even leaving their passphrases blank.

Although the identity of the blockchain bandit is unknown, Bednarek has suggested that a state actor such as North Korea could be behind the thefts. In March, a U.N. Security Council report claimed that the isolated state had amassed $670 million in fiat and cryptocurrencies through hacking attacks as it tries to circumvent punishing economic sanctions.
