How to steal the key of Ethereum wallet? (Part2)

How to steal the key of Ethereum wallet? (Part1)

The arrangement of Ethereum, the destination of Ethereum

Bedna Reek tried to deposit a dollar of Ethereum in a weak key address, which the thief had emptied before. Within a few seconds, it was transferred to the robber's account. Bednacre then attempted to put a dollar into a new weak key address that had not been used before, and it was also emptied in a few seconds. This time it was transferred to an Ethereum account worth only a few thousand dollars, but Bedna Reek saw thieves trying to steal it in an undetermined deal on the Ethereum blockchain. The thieves seem to have a large list of pre-generated keys and are scanning them at non-human, automatic speeds.

In fact, when the researchers looked at the blockchain robbers' records on the Ethereum ledger, it had stolen Ethereum from thousands of addresses in the past three years without any outflows.

When the Ethereum exchange rate peaked in January 2018, the robber’s account held 38,000 dollars, which was worth more than $54 million.

Since then, the value of Ethereum has plummeted, reducing the value of blockchain thieves by about 85%.

"Don't you feel sorry for him?" Bednarik said with a smile. "You have a thief here, he has accumulated this wealth and then lost everything when the market crashed."

Despite tracking these shifts, Bedna Reek does not really know who might be a blockchain thief. "I wouldn't be surprised if it were a country like North Korea, but it was just speculation," he said. He pointed out that the North Korean government has targeted cryptocurrency exchanges and other victims in recent years, stealing cryptocurrencies worth more than $500 million.

Weakened key

Bedna Reek also failed to identify the wrong or damaged wallet that produced a weak key. Instead, he can only see evidence of weak key creation and the resulting theft. He said: "We can see people being robbed, but we can't say which wallet is the culprit." Especially for blockchain thieves, it is unclear whether simple, weak key theft cases accounted for their theft. The vast majority of wealth. Thieves can also use other techniques, such as guessing the "brain wallet" password – an address protected with memorable words that are more vulnerable to violence than a completely random key. A group of security researchers found evidence of 2,846 bitcoins being stolen in 2017. At the current exchange rate, stolen bitcoins are worth more than $17 million. Later in 2015, in an "Ether" brain wallet theft, 40,000 cases of theft were stolen, almost as much as the blockchain thieves.

ISE has not successfully replicated its experiments on the original Bitcoin blockchain. But Bednarek did some spot checks on about 100 weak bitcoin keys and found that the contents of the corresponding wallet were also stolen, although there was no obvious thief taken by them – perhaps evidence It shows that the competition between thieves targeting Bitcoin is more intense and more dispersed than in Ethereum.

Bednerek believes that the lesson learned by ISE is that for wallet developers, they should carefully review their code to identify any vulnerabilities that might truncate the key and make it vulnerable. Users should pay attention to the wallet they choose. Bednarek said: "You can't call the service desk and let them cancel a transaction. When the transaction ends, it will disappear forever." "People should use a trusted wallet and download from a reliable source. ”

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Market

Wu's Weekly Picks: HSBC launches cryptocurrency ETF, US SEC rejects spot ETF application, Azuki criticized by community, and top 10 news (June 24-30)

Author | Wu's Top 100 Blockchain News This Week. US SEC Returns Spot ETF File According to WSJ, the US...

Blockchain

Gemini Exchange sets up insurance company to provide $ 200 million in insurance for custody services

The Winklevoss brothers' Gemini exchange has set up an insurance company to prepare up to $ 200 million in insur...

Market

Future of Web3: Triple Impact of VSAP on Exchanges, Financial Markets, and TradFi

With the rapid development of the virtual currency market, more and more people are investing and trading in virtual ...

Blockchain

The first in the industry! US cryptocurrency exchange INX seeks IPO listing

The cryptocurrency exchange attempted to raise funds through IPOs rather than ICOs, and INX was the first. On August ...

Blockchain

Exchange 5 hotspot tracking: The relationship between platform currency and IEO is like stocks and futures

On April 26th, an online conversation on the theme of “Exchange Hotspot Tracking” was held on TokenClub...