A hacker dubbed “Blockchain Bandit” has finally awakened from a six-year slumber and has begun moving his ill-gotten gains.
Around $90 million in crypto stolen from the attacker’s long-running chain of “programmatic theft” since 2016 has been on the move over the past week, according to Chainalysis.
That included 51,000 Ether (ETH) and 470 Bitcoin (BTC) worth around $90 million, leaving the bandit’s address for a new one, as Chainalysis noted:
“We suspect the bandit is shifting its funds given the recent price spike.”
The hacker was dubbed “Blockchain Bandit” for his ability to empty Ethereum wallets protected with weak private keys in a process called “ethercombing.”
The attacker’s “programmatic theft” process has drained more than 10,000 wallets of individuals around the world since the first attacks six years ago.
1/ 90 million dollars stolen funds on the way: After 6 years of hodling, the “Blockchain Bandit” has awakened. In it, we cover how the Blockchain Bandit amassed this treasure trove and where the funds are currently being held.
— chain analysis (@chain analysis) January 25, 2023
In 2019, Cointelegraph reported that the “Blockchain Bandit” managed to amass almost 45,000 ETH by successfully guessing these weak private keys.
A security analyst said he accidentally discovered the hacker while investigating private key generation. He then discovered that the hacker had set up a node to automatically steal funds from addresses with weak keys.
Researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is unclear how many of these were exploited by the bandit.
“There was a guy with an address who was going around taking money from some keys that we had access to,” he said at the time.
The chain analysis produced a chart showing the flow of funds but did not specify the destination address, only labeling them as “intermediate addresses”.
To avoid weak private keys, Chainalysis advised users to use well-known and trusted wallets and consider moving funds to hardware wallets when large amounts of cryptocurrency are involved to avoid weak private keys.
Related: Hackers Holding Stolen Cryptos: What’s the Long-Term Solution?
Also in 2019, a computer researcher discovered a wallet vulnerability that issued the same key pairs to multiple users.
