This hack is not normal! By guessing the private key, I successfully stolen 45,000 ETHs.

On April 23, a report issued by analyst firm Independent Security Evaluators stated that a “blockchain robber” successfully stole nearly 45,000 ETHs by successfully guessing a weaker private key.

Photo-1504139969750-3244f9258fce_meitu_1

Image source: unsplash

Senior security analyst Adrian Bednarek said he had accidentally discovered the sophisticated hacker. While guessing that the private key is statistically impossible, the hacker discovered 732 private keys through research that allowed him to use the private keys to complete transactions just like the account holder.

The report pointed out that the hacker did not use brute force search for random private keys, but instead used a combination of lookup error codes and error random number generators.

Bednarek then noticed that some wallets were associated with the private keys found by their sub-optimal methods, and that they had a large number of transactions flowing to an address, but no funds came back. Bednarek said:

"There is a guy who has an address and steals money from some of the private keys we can access. We found 735 private keys, and he happened to take the money out of the 12 private keys we could get. From statistics On the upside, he is unlikely to happen to guess the private keys, so he is likely to do the same thing… basically, as soon as the money enters the people's wallet, he starts stealing money."

At the Ethereum's new high, the robber's spoils are estimated to be worth more than $50 million. At the time of writing this report, the value of these funds was approximately $7.8 million.

According to Bednarek, the private key may be vulnerable to attacks due to coding errors in the software responsible for generating the private key. Another theory is that a password owner who obtains a private key through a passphrase uses a fragile entry such as "abc123" and even leaves the passphrase blank, thereby generating the same key.

Although the identity of the blockchain robber is unclear, Bednarek said that countries such as North Korea may be behind the theft. In March of this year, a report by the UN Security Council said that North Korea accumulated 670 million US dollars of legal and cryptocurrencies through hacking to avoid punitive economic sanctions.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Policy

Testifying in Court: SBF’s Crypto Circus Unveiled 🎪

On October 26, ex-FTX CEO Sam Bankman-Fried faced tough questioning from Assistant U.S. Attorney Danielle Sassoon beh...

Blockchain

Compliance, endorsement path: inventory cryptocurrency exchange registration holy place

The increase was 132.58%. Tongcheng Holdings announced that it had changed its name to Firecoin Technology. The found...

Blockchain

Bloomberg Interview with He Yi: My relationship with CZ is that of a mentor, friend, and spouse.

He Yi referred to Zhao as a comrade-in-arms and also as a college roommate. She said that their relationship only beg...

Market

Interview with Circle CEO by Fortune What role does stablecoin play in the cryptocurrency market?

This article discusses the differences between the cryptocurrency crash in 2022 and the late 1990s internet bubble, t...

Blockchain

We sorted out 40 "running road" cryptocurrency exchanges, all of which share these common routines

Article | Interchain Pulse · Liangshan Huarong On February 23, the ZG exchange was exposed as suspected to be ru...

Market

FTX may be approved to liquidate $3.4 billion worth of tokens this week. What impact will it have on the market?

FTX may obtain court approval for asset liquidation on September 13th. Under the pressure of 3.4 billion sell-off, th...