$90M in stolen crypto seen shifting

A hacker dubbed the “Blockchain Bandit” has finally woken up from a six-year slumber and started moving his ill-gotten gains.

According to Chainalysis, around $90 million in stolen crypto from the attacker’s long string of “programmatic theft” since 2016 began moving over the past week.

This included 51,000 Ether (ETH) and 470 bitcoins (BTC), worth around $90 million, leaving the Bandit address for a new one, with Chainalysis noting:

“We suspect that the bandit is moving his funds given the recent rise in prices.”

The hacker was dubbed the “blockchain bandit” because he was able to empty Ethereum wallets protected with weak private keys in a process dubbed “Ethercombing.”

The attacker’s “programmatic theft” process has drained more than 10,000 wallets from people around the world since the first attacks were carried out six years ago.

In 2019, Cointelegraph reported that the “Blockchain Bandit” managed to amass almost 45,000ETH successfully guessing those fragile private keys.

A security analyst said he discovered the hacker by accident while investigating private key generation. He pointed out at the time that the hacker had set up a node to automatically steal funds from addresses with weak keys.

The researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is not clear how many of them were exploited by the bandit.

“There was a guy that had an address that was going around and diverting money from some of the keys that we had access to,” he said at the time.

Blockchain Bandit crypto movements. Source: Chainalysis

Chainalysis produced a diagram depicting the flow of the funds, however it did not specify the destination address, only labeling them as “intermediate addresses”.

To avoid having weak private keys, Chainalysis advised users to use known and trusted wallets, and to consider transferring funds to hardware wallets if large amounts of cryptocurrency are involved to avoid having weak private keys.

Related: Hackers Keep Stolen Crypto: What’s the Long-Term Solution?

Also in 2019, a computer researcher discovered a wallet vulnerability that issued the same key pairs to multiple users.