“After Two Years of Silence, the Weak Private Key Attacker ‘Blockchain Bandit’ Consolidates 51,000 Ether into a Multisig Address”

"After Two Years of Silence, the Weak Private Key Attacker 'Blockchain Bandit' Consolidates 51,000 Ether into a Multisig Address"

"After Two Years of Silence, the Weak Private Key Attacker 'Blockchain Bandit' Consolidates 51,000 Ether into a Multisig Address"

Table of Contents
Toggle

50,000 Ethereum Hacked and Transferred
Weak Private Key Guessing Attack
$2.3 Billion Lost in 2024

50,000 Ethereum Hacked and Transferred
According to a Telegram post by blockchain investigator ZachXBT on December 30, the hacker transferred 51,000 Ethereum (ETH) from 10 different wallet addresses to a multi-signature address “0xC45…1D542.”



This substantial transfer was completed in batches of approximately 5,000 Ethereum between 8:54 PM and 9:18 PM (UTC) on December 30. Prior to this, the funds had remained inactive in the 10 different wallets since being transferred on January 21, 2023, for nearly two years. Additionally, the hacker transferred 470 Bitcoin (BTC) in early 2023.

Weak Private Key Guessing Attack
The “Blockchain Bandit” first emerged in 2016 and peaked in thefts in 2018. According to a report by security company Independent Security Evaluators, the hacker systematically searched for weak private keys using a technique called “Ethercombing,” exploiting faulty random number generators and code vulnerabilities. They successfully cracked 732 sets of private keys, accumulating over 45,000 Ethereum through nearly 49,060 transactions.
Technically, this “weak private key guessing attack” should statistically be nearly impossible; however, certain wallets or tools used low-quality random number generators when generating private keys, resulting in non-random keys. This allowed the hacker to perform “weak private key guessing attacks” programmatically.
Using verified wallet software (such as MetaMask, Ledger, or Trezor) can avoid this issue.
As of now, the true identity of the “Blockchain Bandit” remains a mystery. However, security analyst Adrian Bednarek has speculated that national-level actors, such as North Korea, might be involved, potentially raising illegal funds on a large scale through such methods.

$2.3 Billion Lost in 2024
According to a report by on-chain security company Cyvers, there were 165 significant cryptocurrency security incidents in 2024, resulting in total losses amounting to $2.3 billion, an increase of 40% compared to 2023.
Among these incidents, access control breaches became the primary attack vector, accounting for 81% of all events and resulting in losses of $1.9 billion. These breaches primarily occurred within centralized exchanges and custodial platforms, exposing significant security vulnerabilities in the cryptocurrency industry.