October 1, 2023


Your trusted source for crypto news and insights

$90M in stolen crypto seen shifting

2 min read

A hacker dubbed the “Blockchain Bandit” has lastly woken from a six-year slumber and has began to maneuver their ill-gotten good points.

In accordance with Chainalysis, round $90 million in crypto pilfered from the attacker’s long-running string of “programmatic theft” since 2016 has began shifting over the previous week.

This included 51,000 Ether (ETH) and 470 Bitcoin (BTC) — price a complete of round $90 million — leaving the bandit’s tackle for a brand new one. Chainalysis famous:

“We suspect that the bandit is shifting their funds given the latest soar in costs.”

The hacker was dubbed the “Blockchain Bandit” on account of having the ability to empty Ethereum wallets protected with weak non-public keys in a course of termed “Ethercombing.”

The attacker’s “programmatic theft” course of has drained greater than 10,000 wallets from people throughout the globe because the first assaults had been perpetrated six years in the past.

In 2019, Cointelegraph reported that the Blockchain Bandit managed to amass nearly 45,000 ETH by successfully guessing these frail non-public keys.

A safety analyst stated he found the hacker accidentally whereas researching non-public key technology. He famous on the time that the hacker had arrange a node to mechanically filch funds from addresses with weak keys.

The researchers recognized 732 weak non-public keys related to a complete of 49,060 transactions. It’s unclear what number of of these had been exploited by the bandit, nevertheless.

“There was a man who had an tackle who was going round and siphoning cash from a number of the keys we had entry to,” he stated on the time.

Blockchain Bandit crypto actions. Supply: Chainalysis

Chainalysis produced a diagram depicting the stream of the funds, nevertheless, it didn’t specify the goal tackle, solely labeling them as “middleman addresses.”

To keep away from having weak non-public keys, Chainalysis suggested customers to make use of well-known and trusted wallets and contemplate shifting funds to {hardware} wallets if massive quantities of cryptocurrency are concerned.

Associated: Hackers keeping stolen crypto: What is the long-term solution?

Additionally in 2019, a pc researcher discovered a wallet vulnerability that issued the identical key pairs to a number of customers.