$90 million in stolen cryptos have been moved

A hacker dubbed “Blockchain Bandit” has finally awakened from a six-year slumber and has begun moving his ill-gotten gains.

Around $90 million in crypto stolen from the attacker’s long-running chain of “programmatic theft” since 2016 has been on the move over the past week, according to Chainalysis.

That included 51,000 Ether (ETH) and 470 Bitcoin (BTC) worth around $90 million, leaving the bandit’s address for a new one, as Chainalysis noted:

“We suspect the bandit is shifting its funds given the recent price spike.”

The hacker was dubbed “Blockchain Bandit” for his ability to empty Ethereum wallets protected with weak private keys in a process called “ethercombing.”

The attacker’s “programmatic theft” process has drained more than 10,000 wallets of individuals around the world since the first attacks six years ago.

In 2019, Cointelegraph reported that the “Blockchain Bandit” managed to amass almost 45,000 ETH by successfully guessing these weak private keys.

A security analyst said he accidentally discovered the hacker while investigating private key generation. He then discovered that the hacker had set up a node to automatically steal funds from addresses with weak keys.

Researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is unclear how many of these were exploited by the bandit.

“There was a guy with an address who was going around taking money from some keys that we had access to,” he said at the time.

Blockchain Bandit crypto movements. Source: chain analysis

The chain analysis produced a chart showing the flow of funds but did not specify the destination address, only labeling them as “intermediate addresses”.

To avoid weak private keys, Chainalysis advised users to use well-known and trusted wallets and consider moving funds to hardware wallets when large amounts of cryptocurrency are involved to avoid weak private keys.

Related: Hackers Holding Stolen Cryptos: What’s the Long-Term Solution?

Also in 2019, a computer researcher discovered a wallet vulnerability that issued the same key pairs to multiple users.