Unknown cybercriminal targeted weak private keys, taking off with at least $7m in ether

Ethereum • April 25, 2019, 4:00PM EDT
UPDATED: April 25, 2019, 9:06AM EDT
The Block

A "blockchain bandit” targeted easily guessable private keys to steal cryptocurrency, Wired writes. Security consultancy Independent Security Evaluators found that out of 34 billion blockchain addresses, at least 732 guessable keys that once held ether had been emptied some time ago. Twelve of them were attacked by the same person; their account now holds 45,000 ether (approximately worth $7.7 million now; valued at $54 million pre-crash), although its funds haven't moved in the last three years.

A key is usually a 78-digit string of numbers but there have been instances where they have values of just 1 or 2. Shorter, easier keys can result from a coding error, an inexperienced user choosing their own key, or malicious code that would corrupt the key-making process. A chance of guessing an Ethereum private key is 1 in 2256 - practically impossible. 

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

The thief seemed to have a vast, pre-generated list of keys and was scanning them at automated speed. According to ISE, those are likely “automated ethercombing thefts," meaning when funds were transferred to the keys, the money disappeared in a matter of seconds automatically. 

ISE has been unable to identify the blockchain bandit or the faulty or corrupted wallets that produce weak keys.

More by Carol Gaszcz