The notorious hacker 'Blockchain Bandit', who successfully guessed weak private keys and stole large amounts of cryptocurrency, has recently drawn attention again.

50,000 hacked Ether transferred

According to a Telegram post by blockchain investigator ZachXBT on December 30, the hacker transferred 51,000 Ether (ETH) from 10 different wallet addresses to a multi-signature address '0xC45…1D542'.

This large sum of funds was transferred between December 30 at 8:54 PM and 9:18 PM (UTC) in batches of approximately 5,000 Ether. Prior to this, these funds had been inactive in 10 different wallets since being transferred on January 21, 2023, remaining dormant for nearly two years. At the same time, the hacker also transferred 470 Bitcoin (BTC) in early 2023.

Weak Private Key Guessing Attack

The 'Blockchain Bandit' was first active in 2016 and reached its peak of theft in 2018. According to a report by security firm Independent Security Evaluators, the hacker systematically searched for weak private keys using a technique called 'Ethercombing', exploiting faulty random number generators and code vulnerabilities, successfully cracking 732 sets of private keys and accumulating over 45,000 Ether, involving nearly 49,060 transactions.

In theory, a 'weak private key guessing attack' should be statistically nearly impossible. However, because certain wallets or tools used low-quality random number generators when generating private keys, the resulting keys were not completely random, which allowed hackers to guess them programmatically.

Using verified wallet software (such as MetaMask, Ledger, Trezor) can avoid this issue.
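To make the difference between a sound and a faulty key generator concrete, the following added example (not code from the article, the ISE report, or any wallet project) draws a key from the operating system's CSPRNG and runs a pre-use sanity check that flags keys with obvious non-random structure. The heuristics and function names are assumptions chosen for illustration; passing the check does not prove a key is strong.

```python
import secrets

# secp256k1 group order; a valid Ethereum/Bitcoin private key is in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def generate_private_key() -> bytes:
    """Draw 256 bits from the OS CSPRNG, retrying on out-of-range values."""
    while True:
        k = secrets.randbits(256)
        if 1 <= k < SECP256K1_N:
            return k.to_bytes(32, "big")


def weak_key_reasons(key: bytes) -> list[str]:
    """Return why a key looks non-random; an empty list means no red flag.

    Illustrative heuristics (assumptions of this example). Passing them does
    not prove the key came from a good generator.
    """
    if len(key) != 32:
        return ["not 32 bytes"]
    reasons = []
    k = int.from_bytes(key, "big")
    if not 1 <= k < SECP256K1_N:
        reasons.append("outside valid range")
    if k.bit_length() <= 128:  # e.g. a truncated or zero-padded value
        reasons.append("upper 128 bits are zero")
    if len(set(key)) <= 8:  # 32 random bytes almost never repeat this much
        reasons.append("few distinct byte values")
    if any(key == key[:p] * (32 // p) for p in (1, 2, 4, 8, 16)):
        reasons.append("repeating pattern")
    return reasons


if __name__ == "__main__":
    # Constructed sample keys, not taken from any real wallet.
    samples = {
        "csprng": generate_private_key(),
        "tiny": (1).to_bytes(32, "big"),
        "repeated": bytes.fromhex("ab" * 32),
    }
    for name, key in samples.items():
        print(name, weak_key_reasons(key) or "no red flags")
```

A check like this belongs in wallet or key-management tooling as a last line of defence; the actual fix is to generate keys only from a cryptographically secure source.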

Until now, the true identity of the 'Blockchain Bandit' remains a mystery. However, security analyst Adrian Bednarek has speculated that it may involve nation-state actors, such as North Korea, who might be using such means to raise illegal funds on a large scale.

In 2024, losses reached 2.3 billion USD.

According to a report by on-chain security firm Cyvers, there were 165 major cryptocurrency security incidents in 2024, with total losses reaching 2.3 billion USD, an increase of 40% compared to 2023.

Among them, Access Control Breaches became the primary attack vector, accounting for 81% of all incidents, with losses amounting to 1.9 billion USD. These vulnerabilities primarily occurred in centralized exchanges and custodial platforms, exposing significant security risks in the crypto industry.
