According to Cointelegraph, the infamous hacker known as Blockchain Bandit has consolidated 51,000 Ether (ETH) into a single wallet after nearly two years of inactivity. This move involved transferring the entire amount from 10 separate wallet addresses to a multi-signature address labeled “0xC45…1D542.” The transfer occurred in batches of 5,000 Ether between 8:54 pm and 9:18 pm UTC on December 30, as reported by blockchain investigator ZachXBT.
The stolen funds had been dormant in these 10 wallet addresses since January 21, 2023, when the hacker last moved the 51,000 Ether. At that time, the hacker also transferred 470 Bitcoin (BTC). Blockchain Bandit initially amassed nearly 45,000 Ether by exploiting weak private keys, a feat reported by Cointelegraph in April 2019, based on findings from Independent Security Evaluators. Despite the statistical improbability of guessing private keys, the hacker managed to uncover 732 private keys linked to 49,060 transactions.
The method employed by the hacker involved a brute force search for random private keys, utilizing faulty code and random number generators in a process termed “Ethercombing,” as explained by crypto security analyst Adrian Bednarek. This programmatic theft has been ongoing since 2016, with significant activity noted in 2018, according to ZachXBT’s analysis.
In a broader context, crypto hackers stole over $2.3 billion worth of assets across 165 major incidents in 2024, marking a 40% increase compared to 2023, as reported by onchain security firm Cyvers. This surge in thefts is largely attributed to access control breaches, particularly affecting centralized exchanges and custodian platforms. Access control vulnerabilities accounted for 81% or $1.9 billion of the total value stolen in 2024 from 67 cybersecurity incidents.
