This hack is not normal! By guessing the private key, I successfully stolen 45,000 ETHs.

On April 23, a report issued by analyst firm Independent Security Evaluators stated that a “blockchain robber” successfully stole nearly 45,000 ETHs by successfully guessing a weaker private key.

Photo-1504139969750-3244f9258fce_meitu_1

Image source: unsplash

Senior security analyst Adrian Bednarek said he had accidentally discovered the sophisticated hacker. While guessing that the private key is statistically impossible, the hacker discovered 732 private keys through research that allowed him to use the private keys to complete transactions just like the account holder.

The report pointed out that the hacker did not use brute force search for random private keys, but instead used a combination of lookup error codes and error random number generators.

Bednarek then noticed that some wallets were associated with the private keys found by their sub-optimal methods, and that they had a large number of transactions flowing to an address, but no funds came back. Bednarek said:

"There is a guy who has an address and steals money from some of the private keys we can access. We found 735 private keys, and he happened to take the money out of the 12 private keys we could get. From statistics On the upside, he is unlikely to happen to guess the private keys, so he is likely to do the same thing… basically, as soon as the money enters the people's wallet, he starts stealing money."

At the Ethereum's new high, the robber's spoils are estimated to be worth more than $50 million. At the time of writing this report, the value of these funds was approximately $7.8 million.

According to Bednarek, the private key may be vulnerable to attacks due to coding errors in the software responsible for generating the private key. Another theory is that a password owner who obtains a private key through a passphrase uses a fragile entry such as "abc123" and even leaves the passphrase blank, thereby generating the same key.

Although the identity of the blockchain robber is unclear, Bednarek said that countries such as North Korea may be behind the theft. In March of this year, a report by the UN Security Council said that North Korea accumulated 670 million US dollars of legal and cryptocurrencies through hacking to avoid punitive economic sanctions.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

How to establish a compliant cryptocurrency exchange following the consecutive lawsuits against Binance and Coinbase?

Let's talk about the SEC's charges against Coinbase, which won't surprise any lawyer practicing in the United States ...

Market

Semafor The US Department of Justice is considering fraud charges against Binance, but is concerned about a FTX-style run in the market.

Insiders say that federal prosecutors are concerned that if they were to prosecute Binance, it could lead to a run on...

Blockchain

Encrypted exchange: a combination of Nasdaq and investment bank

After the big bull market in 2017, cryptocurrency exchanges have sprung up on the line, according to incomplete stati...

Blockchain

IEO’s embarrassment, the era of “receiving wages” may be gone forever.

"Oh… the market is in a downturn. Recently, the standard of living has plummeted." The soldiers sighe...

Blockchain

Analysis: How does the value chain of the blockchain industry work?

Over the past few years, blockchain technology has evolved from a purely technology to a multi-billion dollar industr...