0
📰 News

Single Ethereum Account Stole $50 Mln Worth of ETH by Correctly Guessing Private Keys

  • Alex Dovbnya
    📰 News

    Are you sure that your private key is secure enough? The latest study shows that it could be easily guessed by ‘Blockchain bandits’


Single Ethereum Account Stole $50 Mln Worth of ETH by Correctly Guessing Private Keys
Contents

A single Ethereum account, dubbed ‘Blockchain bandit’, managed to steal 45,000 ETH (around $50 mln at the time of writing) by guessing the private keys of his victims, Wired reports. In certain cases, it is not that hard to get around a long string of digits.    

👉MUST READ

It Would Take Several Seconds to Hack Every Cryptocurrency in the Nearest Future

It Would Take Several Seconds to Hack Every Cryptocurrency in the Nearest Future

The guessing game

The study entitled Ethercombing: Finding Secrets in Popular Places, conducted by security consulting company Independent Security Evaluators (ISE), sheds light on the modus operandi of the above-mentioned Blockchain bandit, who made a fortune because of weak private keys. Normally, one has a snowball's chance in hell of correctly guessing the 78-digit code (1 in 115 quattuorvigintillion), but there are numerous workarounds for bad actors.

In particular, some private keys were cut off due to coding errors or being compromised by malicious software. Some users were also gullible enough to come up with their own keys that were easy to guess. After analyzing 34 billion Ethereum addresses, ISE found 732 private keys, and (you guessed it) all ETH holdings have already been pilfered.

👉MUST READ

Hacked Zaif Exchange Is Back, Fully Operational with New Management Team

Hacked Zaif Exchange Is Back, Fully Operational with New Management Team

Is North Korea behind it?

The researchers would methodically send a dollar worth of ETH to ‘weak’ addresses to check how fast they would be stolen. ISE points out that there are multiple competing ‘Blockchain bandits’ who strive to snatch new deposits first. However, the fact that these transactions are conducted ‘within milliseconds’ proves that it could be automated bots who are operated by a single actor.

They do not rule out that it could be North Korea since the country relies on crypto to maintain its authoritarian regime.

Cover image via u.today
Subscribe to the official U.Today Telegram channel. Get news first!

About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with an extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets.

👓 Recommended articles

This site uses cookies for different purposes. Please set your preferences in Cookie Settings and visit our Cookie policy for more information on how and why cookies are used on this site. Click here for cookie policy

Cookie settings