🕵️‍♀️ [Analysis] A 'Blockchain Bandit' is guessing private keys and scoring millions - Andy Greenberg

An anonymous 'blockchain bandit' has stolen some 45,000 Ether ($ETH) using an automated guessing trick, according to Independent Security Evaluators. The odds of guessing a private key are essentially zero, but due to inexperienced users, malicious actors, or bad wallet codes, some private keys are quite simple. Of the 34 billion Ethereum addresses scanned by ISE, 732 popped up as guessable keys all were emptied, perhaps by nefarious actors. When scanning, ISE found one account in particular holding $7.7 million worth of presumably stolen Ether. Further analysis showed the deposits were pulled from thousands of disparate addresses into the central wallet. While ISE can see whose been robbed, it cannot show how. So, ISE tested the bandit by placing funds in an easily guessable wallet: it was gone within milliseconds. Testing ISE's program on Bitcoin ($BTC) addresses showed similar results, but not nearly to the same scale. The blockchain bandit is more reason to pick a great wallet, not just a good one.

Let us know what you loved about the report, what may be missing, or share any other feedback by filling out this short form. All responses are subject to our Privacy Policy and Terms of Service.