After a short hiatus, the infamous “Blockchain Bandit” has re-emerged as the year ends, consolidating a staggering 51,000 ETH, valued at roughly $172 million, into a single multisig wallet.
This transfer was made on December 30.
“Blockchain Bandit” Returns
In the latest update, prominent blockchain investigator ZachXBT revealed that the consolidation originated from 10 wallets, which had been dormant for nearly two years, with the last activity being flagged in January 2023. Alongside the Ether transfer, 470 BTC were also moved.
The Blockchain Bandit earned infamy between 2016 and 2018 through an insidious technique known as “Ethercombing.” By exploiting cryptographic vulnerabilities, the attacker systematically guessed weak private keys, which were often generated by faulty random number algorithms or misconfigured wallets.
This method allowed the malicious entity to steal more than 45,000 ETH across 49,060 transactions by compromising 732 private keys. While brute-forcing private keys is generally deemed impossible due to their vast numerical range, the Bandit capitalized on predictable flaws such as non-random key generation and poorly implemented recovery phrases.
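The difference between a key that is 256 bits wide and a key that carries 256 bits of entropy can be shown from the wallet developer's side. The Python sketch below is an added example, not code from the article or from any wallet it mentions; the two faulty generators are constructed illustrations of "non-random key generation", and all function names are hypothetical.

```python
import random
import secrets

# Order of the secp256k1 group; valid Ethereum private keys lie in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def faulty_keygen(seed):
    """Constructed 'before' case: non-cryptographic PRNG with a 32-bit seed.

    The key is 256 bits wide, but only 2**32 distinct keys can ever come out.
    """
    rng = random.Random(seed & 0xFFFFFFFF)
    return rng.getrandbits(256) % (SECP256K1_N - 1) + 1


def truncating_keygen():
    """Constructed 'before' case: good entropy, then a bug keeps only 32 bits."""
    return (secrets.randbits(256) & 0xFFFFFFFF) or 1


def hardened_keygen():
    """Uniform key in [1, N-1] drawn from the OS CSPRNG."""
    return secrets.randbelow(SECP256K1_N - 1) + 1


def audit_key(key, min_bits=192):
    """Return the reasons a private key should be rejected before use."""
    problems = []
    if not 1 <= key < SECP256K1_N:
        problems.append("out of range for secp256k1")
    # A uniform 256-bit value has fewer than 192 significant bits with
    # probability about 2**-64, so a short key points to a generator bug.
    if key.bit_length() < min_bits:
        problems.append(f"only {key.bit_length()} significant bits")
    return problems


def audit_generator(gen, samples=1000):
    """Sample a generator and count rejected and repeated keys."""
    keys = [gen() for _ in range(samples)]
    return {
        "rejected": sum(1 for k in keys if audit_key(k)),
        "duplicates": samples - len(set(keys)),
    }
```

The output check catches the truncation bug but passes keys from `faulty_keygen`, which look full-width; a low-entropy seed can only be found by reviewing the generator itself, not by inspecting the keys it emits.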
Cybersecurity analysts suggest that state-sponsored actors, possibly North Korean hacker groups, could be behind the attacks, noting parallels with other large-scale crypto thefts. Such groups are known to target cryptocurrency platforms to fund illicit operations, including weapons programs.
The Bandit’s recent activity – coupled with the use of multi-signature wallets – signals preparations for potentially laundering the funds through mixers or decentralized exchanges to obscure their origins.
From Fake Meetings to Seed Phrase Traps
This attacker’s resurgence comes amid a wider uptick in crypto cybercrime as fraudsters develop new ways to ensnare unsuspecting targets. Earlier this month, hackers were reported to have exploited fake Zoom meeting links to target crypto users and steal sensitive credentials as well as digital assets.
SlowMist traced the malware’s code to Russian-linked operatives, revealing over $1 million converted to ETH.
Another scam targeted opportunistic thieves by sharing seed phrases of fake crypto wallets. Once accessed, the wallets demand TRX for transaction fees, rerouting funds to scammers instead. Kaspersky warns that this scheme, disguised as a beginner’s mistake, manipulates thieves into becoming victims of their own greed.