Categories: Ethereum

Ether Thief Found Stealing Funds With Weak Private Keys

Click here to view original web page at www.coindesk.com

An unknown entity has been scooping up ether — the native cryptocurrency of the ethereum network — by taking advantage of weak private keys to gather up tens of thousands of ETH, according to a new study.

The study — “Ethercombing: Finding Secrets in Popular Places” — was undertaken by Independent Security Evaluators (ISE), a security consulting firm, and published Tuesday. The company’s findings were also covered in a story by Wired’s Andy Greenberg.

At one point — January 2018, during last year’s crypto price ramp — this amounted to nearly 38,000 ETH, an amount worth more than $54 million. Now, according to the report, the so-called “blockchainbandit” — holds 44,744 ETH, or $6.1 million worth, in an address discovered amid a search for addresses that are protected by weak private keys. Private keys are strings of data that, in the case of cryptocurrencies, enable users to actually send out transactions from their addresses. These keys need to be closely guarded or may otherwise become compromised, allowing outside actors — in this case, the blockchainbandit — to pilfer the funds instead.

At the outset, ISE sought to “discover keys that may have been generated using faulty code, faulty random number generators, or a combination of both,” given that, under normal circumstances, discovering ones created as intended should be “all but impossible,” according to the firm.

All the same, ISE found 732 private keys over the course of its investigation, which combined issued just over 49,000 ethereum transactions. The team also “identified 13,319 Ethereum that was transferred to either invalid destination addresses, or wallets derived from weak keys that at the height of the Ethereum market had a combined total value of $18,899,969.”

Adrian Bednarek, a researcher and analyst for ISE, told Wired that the unknown thief “was doing the same things we were doing but he went above and beyond” and that the process itself was likely automated.

“Whoever this guy or these guys are, they’re spending a lot of computing time sniffing for new wallets, watching every transaction, and seeing if they have the key to them,” Bednarek told the publication.

In the report’s conclusion, ISE wrote that “it should be concluded that any systems that handle private keys will be at an increased threat for targeted attacks” by would-be crypto-thieves.

“Software developers that design software or systems that interact with highly valuable private keys should incorporate all available defense in depth principles to counter present threats and use innovative measures to counter advanced present and future threats against these high value assets,” the team wrote.

Ethereum coin on black background image via Shutterstock

cinerama

Illuminati, Mason, Anonymous I'll never tell. I can tell you this, global power is shifting and those who have the new intelligence are working to acquire this new force. You matter naught except to yourself, therefore prepare for the least expected and make your place in the new world order.

Disqus Comments Loading...
Share
Published by
cinerama

Recent Posts

Terrorists are turning to Bitcoin for funding, and they’re learning fast

Representational image of Bitcoin. (File: Bloomberg) By Nathaniel Popper Hamas, the militant Palestinian group, has been designated a terrorist organization… Read More

4 hours ago

Latest Faketoshi says he conveniently ‘lost the hard drive’ containing billions in Bitcoin

Just yesterday we told you how there was a new Faketoshi in town, staking a questionable claim to the Bitcoin… Read More

4 hours ago

Study Suggests Scarcity Could Drive Bitcoin Prices to $60,000 by May 2020

Share Tweet Send Share Bitcoin price predictions have been coming thick and fast in recent months as the world’s top… Read More

4 hours ago

“Bitcoin will never hit 50k” says crypto skeptic Peter Schiff

For a man that wants nothing to do with Bitcoin , economist and Euro Pacific Capital CEO Peter Schiff never… Read More

4 hours ago

Casa Releases Node Monitor Service to Improve Bitcoin Network Health

Casa, a crypto firm that provides a private key management service and Bitcoin node machine, has unveiled a node monitor… Read More

4 hours ago

ETC/ETH Technical Analysis: Ethereum Classic breaks higher

Ethereum Classic vs Ethereum: Classic is making a comeback today An important price level has been broken 0.037673 looks to… Read More

4 hours ago

This website uses cookies. We use these cookies to collect data about your interaction with our website for the purpose of continuously improving your experience with our site. For more information we encourage you to read our privacy policy.

Read More