'Blockchain Bandit' Reawakens: $90M In Stolen Crypto Seen Shifting -

‘Blockchain Bandit’ Reawakens: $90M In Stolen Crypto Seen Shifting

The hacker accumulated as much as $90 million worth of Crypto from wallets with weak private keys during a six-year stealing binge.

A Hacker named the “Blockchain Bandit” has at last woken from a six-year slumber and has begun to move their ill-gotten gains.

According to Chainalysis, around $90 million in crypto stole from the attacker’s long-running string of “programmatic theft” beginning around 2016 has begun moving once again the past week.
This included 51,000 Ether and 470 Bitcoin — worth a total of around $90 million — leaving the bandit’s address for a new one. Chainalysis noted:

“We suspect that the bandit is moving their funds given the recent jump in prices.”

The hacker was named the “Blockchain Bandit” due to having the option to empty Ethereum wallets protected with weak private keys in a process termed “Ethercombing.”

The attacker’s “Programmatic theft” process has emptied in excess of 10,000 wallet out of individuals across the globe starting from the first attacks six years prior.

1/ 🚨$90M stolen funds on the move: After 6 years of hodling, the “Blockchain Bandit” has awoken. In this 🧵 we cover how the Blockchain Bandit amassed this treasure trove and where the funds are currently held.
— Chainalysis (@chainalysis) January 25, 2023

In 2019,Blockchain Bandit managed to amass almost 45,000 ETH by successfully speculating those frail private keys.A security analyst discovered a hacker while researching private key generation.

He noted at the time that the hacker had set up a method to filch funds from addresses with weak keys.A total of 49,060 transactions were associated with the 732 weak private keys identified by the researchers.It is unclear the number of those were exploited by the bandit, however.

“There was a person who had an address who was going near and siphoning money from some of the keys we approached,” he said at the time.

Chainalysis created a diagram portraying the flow of the funds, however, it didn’t specify the target address, just labeling them as “intermediary addresses.”

To try not to have weak private keys, Chainalysis encouraged users to use notable and trusted wallets and consider moving funds to hardware wallets if a lot of cryptocurrency are involved.
Also in 2019, a computer researcher discovered a wallet vulnerability that issued the same key matches to multiple users.