A single Ethereum account, dubbed the ‘Blockchain Bandit’, managed to steal some 45,000 ETH (around $50 mln at the time of writing) by guessing the private keys of its victims, Wired reports. In certain cases, guessing a supposedly random 256-bit key turns out not to be hard at all.
The guessing game
The study entitled Ethercombing: Finding Secrets in Popular Places, conducted by security consulting company Independent Security Evaluators (ISE), sheds light on the modus operandi of the above-mentioned Blockchain Bandit, who made a fortune from weak private keys. Normally, one has a snowball's chance in hell of guessing a private key: it is a 256-bit number, 78 decimal digits long, so a random guess succeeds with odds of about 1 in 115 quattuorvigintillion (roughly 1 in 10^77). But when keys are not actually random, there are numerous shortcuts for bad actors.
In particular, some private keys had been truncated by coding errors, and others were compromised by malicious software. Some users were also careless enough to choose their own keys, which were easy to guess. After analysing 34 billion Ethereum addresses, ISE recovered 732 private keys, and (you guessed it) every ETH balance those accounts once held had already been pilfered.
Is North Korea behind it?
The researchers methodically sent a dollar's worth of ETH to the ‘weak’ addresses to see how quickly it would be stolen. ISE points out that there are multiple competing ‘Blockchain bandits’ racing to snatch new deposits first. The fact that the funds moved ‘within milliseconds’, however, indicates that the theft is automated: bots watching the chain for deposits, possibly operated by a single actor.
They do not rule out that the actor could be North Korea, since the country relies on cryptocurrency to prop up its authoritarian regime.