{"id":543800,"date":"2023-01-26T08:39:26","date_gmt":"2023-01-26T05:39:26","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/blockchain-bandit-reawakens-90m-in-stolen-crypto-seen-shifting\/"},"modified":"2023-01-26T08:39:26","modified_gmt":"2023-01-26T05:39:26","slug":"blockchain-bandit-reawakens-90m-in-stolen-crypto-seen-shifting","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/blockchain-bandit-reawakens-90m-in-stolen-crypto-seen-shifting\/","title":{"rendered":"# &#8216;Blockchain Bandit&#8217; reawakens: $90M in stolen crypto seen shifting"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3bf3794e781\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3bf3794e781\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/blockchain-bandit-reawakens-90m-in-stolen-crypto-seen-shifting\/#%E2%80%9D_%E2%80%98Blockchain_Bandit_reawakens_90M_in_stolen_crypto_seen_shifting_%E2%80%9C\" >&#8221; &#8216;Blockchain Bandit&#8217; reawakens: $90M in stolen crypto seen shifting &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_%E2%80%98Blockchain_Bandit_reawakens_90M_in_stolen_crypto_seen_shifting_%E2%80%9C\"><\/span>&#8221; &#8216;Blockchain Bandit&#8217; reawakens: $90M in stolen crypto seen shifting &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-5a4050f8>A hacker dubbed the \u201cBlockchain Bandit\u201d has finally woken from a six-year slumber and has started to move their ill-gotten gains.<\/p>\n<p>According to Chainalysis, around $90 million in crypto pilfered from the attacker\u2019s long-running string of \u201cprogrammatic theft\u201d since 2016 has started moving over the past week. <\/p>\n<p>This included 51,000 Ether (ETH) and 470 Bitcoin (BTC)\u00a0\u2014 worth a total of around $90 million\u00a0\u2014 leaving the bandit\u2019s address for a new one. Chainalysis noted:<\/p>\n<blockquote><p>\u201cWe suspect that the bandit is moving their funds given the recent jump in prices.\u201d<\/p><\/blockquote>\n<p>The hacker was dubbed the \u201cBlockchain Bandit\u201d due to being able to empty Ethereum wallets protected with weak private keys in a process termed \u201cEthercombing.\u201d<\/p>\n<p>The attacker\u2019s \u201cprogrammatic theft\u201d process has drained more than 10,000 wallets from individuals across the globe since the first attacks were perpetrated six years ago. <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">1\/ $90M stolen funds on the move: After 6 years of hodling, the \u201cBlockchain Bandit\u201d has awoken. In this  we cover how the Blockchain Bandit amassed this treasure trove and where the funds are currently held.<\/p>\n<p>\u2014 Chainalysis (@chainalysis) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/chainalysis\/status\/1618282974973427712?ref_src=twsrc%5Etfw\">January 25, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In 2019, Cointelegraph reported that the Blockchain Bandit managed to amass almost\u00a045,000 ETH by successfully guessing those frail private keys.<\/p>\n<p>A security analyst said he discovered the hacker by accident while researching private key generation. He noted at the time that the hacker had set up a node to automatically filch funds from addresses with weak keys.<\/p>\n<p>The researchers identified 732 weak private keys associated with a total of 49,060 transactions. It is unclear how many of those were exploited by the bandit, however.<\/p>\n<p>\u201cThere was a guy who had an address who was going around and siphoning money from some of the keys we had access to,\u201d he said at the time.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2023-01\/6543edc7-5c47-4a0a-bc7c-3a052a9ed1c7.jpg\" alt=\"\" title=\"\"><figcaption style=\"text-align: center;\"><em>Blockchain Bandit crypto movements. Source: Chainalysis<\/em><\/figcaption><\/figure>\n<p>Chainalysis produced a diagram depicting the flow of the funds, however, it did not specify the target address, only labeling them as \u201cinter<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>ry addresses.\u201d<\/p>\n<p>To avoid having weak private keys, Chainalysis advised users to use well-known and trusted wallets and consider moving funds to hardware wallets if large amounts of cryptocurrency are involved.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Hackers keeping stolen crypto: What is the long-term solution?<\/em><\/strong><\/p>\n<p>Also in 2019, a computer researcher discovered a wallet vulnerability that issued the same key pairs to multiple users.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"crypto_biz\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/blockchain-bandit-reawakens-90m-in-stolen-crypto-seen-shifting\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; &#8216;Blockchain Bandit&#8217; reawakens: $90M in stolen crypto seen shifting &#8220; A hacker dubbed the \u201cBlockchain Bandit\u201d has finally woken from a six-year slumber and has started to move their ill-gotten gains. According to Chainalysis, around $90 million in crypto pilfered from the attacker\u2019s long-running string of \u201cprogrammatic theft\u201d since 2016 has started moving over&#8230;<\/p>\n","protected":false},"author":1,"featured_media":543801,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/cdn-cgi\/image\/format=auto,onerror=redirect,quality=90,width=1200\/https:\/\/s3.cointelegraph.com\/uploads\/2023-01\/7601ce0a-a47e-46d8-9476-f5c9f9d6b9a7.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,76978,74882,70944],"class_list":["post-543800","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-cybercrime","tag-hacks","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/543800","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=543800"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/543800\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/543801"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=543800"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=543800"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=543800"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}