Blockchain Bandit, a notorious hacker who stole 51,000 Ether mostly by guessing weak private keys, has consolidated the funds into a single wallet after nearly two years of dormancy. All 51,000 Ether (ETH) were transferred from 10 wallet addresses to the multisignature address “0xC45…1D542,” blockchain investigator ZachXBT said in a Dec. 30 Telegram post. The funds were transferred in mostly 5,000 Ether batches between Dec. 30 at 8:54 pm UTC and 9:18 pm UTC. Before that, the stolen funds had remained dormant in the 10 wallet addresses since Jan. 21, 2023, when the 51,000 Ether was previously moved. Around the same time, the hacker also moved 470 Bitcoin (BTC).
Blockchain Bandit managed to amass almost 45,000 Ether by successfully guessing weak private keys, Cointelegraph reported in April 2019, citing a report from Independent Security Evaluators. While guessing a private key is meant to be a statistical improbability, the hacker managed to uncover 732 private keys linked to 49,060 transactions. The hacker used brute force searches for random private keys using a combination of looking for faulty code and faulty random number generators through a process termed “Ethercombing,” crypto security analyst Adrian Bednarek explained at the time. The hacker had been committing this kind of “programmatic theft” since 2016, with the most significant scalps occurring in 2018, according to ZachXBT.
While Blockchain Bandit’s identity is unknown, Bednarek previously suggested a state actor such as North Korea may be behind the thefts.
Crypto hackers stole over $2.3 billion worth of assets across 165 major incidents in 2024, marking a 40% increase compared to 2023, according to a report shared by onchain security firm Cyvers. The 40% increase was mainly attributed to the rise of access control breaches, particularly on centralized exchanges and custodian platforms. Access control vulnerabilities accounted for 81% or $1.9 billion worth of value stolen in 2024 from 67 cybersecurity incidents.