Hackers dubbed “blockchain thieves” have finally woken up from their six-year slumber and put their ill-gotten gains to work.
According to Chainalysis, nearly $90 million in cryptocurrency stolen in a long series of “programmatic thefts” since 2016 began to move in the past week.
This included 51,000 Ether (ETH) and 470 Bitcoin (BTC), worth about $90 million in total, which moved from the thieves’ address to a new one. Chainalysis said:
“Given the recent surge in prices, we suspect the bandits are moving the funds.”
The hackers were dubbed the “Blockchain Bandit” because they were able to empty Ethereum wallets protected by weak private keys in a process called “Ethercombing.”
Since the initial attack was carried out six years ago, the attackers’ programmatic theft process has drained over 10,000 wallets belonging to individuals around the world.
1/ $90M stolen funds in transit: After 6 years in arrears, the “blockchain bandits” have awakened. This article explains how Blockchain Bandit collected this treasure trove and where the funds are currently stored.
— Chainalysis (@chainalysis) January 25, 2023
In 2019, Cointelegraph reported that Blockchain Bandit successfully guessed a weak private key and took almost 45,000 ETH.
A security analyst says he stumbled across the hacker while investigating private key generation. He noted that at the time, hackers were setting up nodes that automatically steal funds from addresses with weak keys.
Researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is unknown how many of them were exploited by bandits.
“There was a guy who had an address and was siphoning money off some of the keys we had access to,” he said at the time.
Chainalysis created a diagram showing the flow of funds, but did not specify the target address, labeling it only as an “intermediate address.”
To avoid having weak private keys, Chainalysis urges users to use well-known and trusted wallets and to consider moving funds to hardware wallets when large amounts of cryptocurrency are involved.
Also in 2019, computer researchers discovered a vulnerability in wallets that issued the same key pair to multiple users.