The notorious hacker 'Blockchain Bandit', who stole a large amount of cryptocurrency by successfully guessing weak private keys, has recently attracted attention again.

50,000 stolen Ether transferred

According to a Telegram post by blockchain investigator ZachXBT on December 30, the hacker transferred 51,000 Ether (ETH) from 10 different wallet addresses to a multi-signature address '0xC45...1D542'.

The funds were moved in batches of about 5,000 Ether between 8:54 and 9:18 PM (UTC) on December 30. Before this, they had sat inactive in 10 different wallets for nearly two years, since being transferred there on January 21, 2023. The hacker also transferred 470 Bitcoin (BTC) at the beginning of 2023.

Weak private key guessing attacks

The 'Blockchain Bandit' first became active in 2016, and the thefts peaked in 2018. According to a report by security firm Independent Security Evaluators, the hacker systematically searched for weak private keys using a technique called 'Ethercombing', exploiting a faulty random number generator and code vulnerabilities. The hacker successfully cracked 732 private keys and accumulated over 45,000 Ether through nearly 49,060 transactions.

On a technical level, guessing a private key should be statistically nearly impossible. But because certain wallets or tools used low-quality random number generators when generating private keys, those keys are not completely random, which allows hackers to carry out 'weak private key guessing attacks' with programs.

This issue can be avoided by using verified wallet software (such as MetaMask, Ledger, Trezor).
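The point about low-quality random number generators, as an added example (not code from the report or from any wallet): a key drawn from the OS CSPRNG beside a constructed "bad" generator whose output is fully determined by a small seed. The function names and the `MIN_BITS` threshold are assumptions made for illustration.

```python
import random
import secrets

# Order of the secp256k1 group used by Ethereum and Bitcoin; valid keys are 1..N-1.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
MIN_BITS = 200  # assumed audit threshold, not a standard


def generate_private_key() -> int:
    """Draw a key uniformly from [1, N-1] with the OS CSPRNG (rejection sampling)."""
    while True:
        k = int.from_bytes(secrets.token_bytes(32), "big")
        if 1 <= k < SECP256K1_N:
            return k


def weak_generator(seed: int) -> int:
    """Constructed bad generator: a non-cryptographic PRNG seeded with a small value.
    The key space collapses to the seed space, however random the output looks."""
    return random.Random(seed).getrandbits(256)


def audit_key(k: int) -> list:
    """Return reasons a key looks unsafe; an empty list means no red flag was found.
    This only catches structurally weak keys, not keys from a predictable generator."""
    if not 1 <= k < SECP256K1_N:
        return ["out of range for secp256k1"]
    problems = []
    if k.bit_length() < MIN_BITS:
        problems.append(f"only {k.bit_length()} significant bits")
    if len(set(k.to_bytes(32, "big"))) < 8:
        problems.append("very few distinct byte values")
    return problems


if __name__ == "__main__":
    print(audit_key(1))                        # structurally weak key is flagged
    print(audit_key(generate_private_key()))   # CSPRNG key: no flags
    seeded = weak_generator(1700000000)        # constructed seed value
    # Passes the audit, yet anyone who tries the same seed gets the same key.
    print(audit_key(seeded), seeded == weak_generator(1700000000))
```

A key from the seeded generator passes the structural audit, so the defence has to sit at generation time: keys must come from a cryptographically secure source.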

So far, the true identity of the 'Blockchain Bandit' remains a mystery. However, security analyst Adrian Bednarek has speculated that it may involve nation-state actors, such as North Korea, who could be raising illegal funds on a large scale through such means.

Loss of $2.3 billion in 2024

According to a report by on-chain security company Cyvers, there were 165 major cryptocurrency security incidents in 2024, with total losses reaching $2.3 billion, a 40% increase compared to 2023.

Among these, access control breaches have become the main attack method, accounting for 81% of all incidents, resulting in losses totaling $1.9 billion. These vulnerabilities mainly occur in centralized exchanges and custodial platforms, exposing significant security risks in the crypto industry.
