Saturday, January 23, 01:50
Home security Hacker steals ETH worth millions of dollars because of weak keys

Hacker steals ETH worth millions of dollars because of weak keys

HackerThe American company Independent Security Evaluators (ISE) has published a report on private keys for the Ethereum blockchain. A hacker has managed to guess a lot of weak private keys, which steals 45.000 ether (ETH).

Cointelegraph contacted Adrian Bednarek, senior analyst security in the ISE, to learn more about this case.

Bednarek said in his interview that he accidentally discovered the activity of the hacker. At that time he was engaged in another research.

"Creating a private key was one of the components we had to research. I was trying to figure out the basics of the private key in Ethereum: How big is it? How is it created? And how it is used to extract the public key and the public address ".

All the big ones blockchain (eg Ethereum, bitcoin) that support the ECDSA (Elliptic Digital Signature Algorithm) protocol, have private 256-bit keys. Predicting such a large key is extremely difficult. For this reason, researchers at ISE divided them into eight 32-bit "sub-domains".

These 8 parts contained a total of 34 billion weak keys, which were scanned by the researchers. This process lasted for a whole day.

These weak keys were created due to a defective code.

The private key works both as a username and as a password. They are not separate. So if two people use the same password to create a Brainwallet (that is, a wallet containing passwords for private key creation), then both will have exactly the same wallet. Somehow it's like having two people the same bank account.

Researchers found 732 weak private keys, which were linked to 49.060 transactions.

Bednarek says there are approximately 50 million keys in the Ethereum blockchain. His team managed to discover only 732.

Researchers observed how wallets are attached to private keys, and they noticed that many transactions were made to a particular address, but that money was never returned from that address.

The hacker was taking 12 money from the keys that the research team had access to. Apparently the hacker did the same thing with them researchers, because the prediction of the keys is statistically impossible. So he stole the funds of the users as soon as they were in their wallets.

The investigator found that the hacker had created a node so money from addresses with weak keys would be automatically transferred to his address. To make sure the researchers do, they used a honeypot. They used a weak key and sent a dollar. Researchers knew the hacker knew this key. In fact, they wanted to see how long they would take until the money was transferred to his address. It took only a few seconds, which means the process is done automatically. Once money is entered into an address, which the hacker knows is protected by a weak key, he immediately sends a money transfer request.

According to the data, the hacker has about 45.000 ETH, corresponding to 7.3 million dollars.

This particular hacker steals money for several years now. Many have complained and have reported cases of theft, which seem to be related to him.

The researcher admits that actor's techniques are always successful.

"This guy has taken a multi-level approach to stealing money."

The hacker is looking with great care to find purses that have weak private keys or RPCs that are not properly configured. Thus, he can exploit these elements and steal the money from the victim's wallet.

Such thefts are not only made in the Ethereum blockchain. The problem faced by the researchers is that they wanted to inform the address owners so they would be more careful. However, this is not feasible, because it is not easy to find the owner's identity.

So Bednarek contacted IFS for legal advice. They replied: "If you find something, leave it there. Do not make any transfers. That way you will not get yourself in trouble. "

Bednarek says there are two main reasons that private keys are vulnerable. The first reason is that there are bugs in the software that creates them. The second reason is that many users use easy and predictable phrases for their keys.

Bednarek advises users to use well-known and reliable wallets or prefer hardware and paper wallets, especially if they have large amounts cryptocurrency. The hardware wallet ensures that the key will not be revealed, while the paper wallet allows for a random code stored on paper to have no connection with the computer and therefore not to be attacked.

However, the most popular software is not absolutely safe. For example, lota wallet was broken by a developer, who was arrested after being charged with 10 theft of millions of dollars.

ISE will continue to monitor blockchains and weak private keys. Bednarek said they are planning to use GPUs that will allow them to scan 38 billion key in a matter of seconds.

With the most effective scanning, they can be expanded into more areas.

Finally, researchers are planning to publish some information that will help cryptocurrency users to be aware of possible attacks and to do their own research. Perhaps the cooperation of users and experts may be more effective in dealing with the situation.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...

Bitcoin helps the middle class survive the pandemic

Regulators still imply that Bitcoin is just a tool for criminals, but it seems that for the middle class ...

Lightworks 2021.1 for Linux, Mac and Windows has been released

Lightworks Professional Multi-Platform Video Editing Software received the first major update to Lightworks 2021.1 for Windows, Linux and Mac.

Netflix: Watch the 9 best Anime movies of all time

One of the good things about the pandemic was that many people were introduced to the anime world. And the issue with anime is ...

CHwapi: Windows BitLocker "hit" the Belgian hospital!

The CHwapi hospital in Belgium was attacked by a cyber attack on January 17, with hackers claiming to have encrypted 40 servers and 100 ...

CPU / GPU Lotteries: Newegg sells the few on the market

Hardware shortages are not uncommon, but the pandemic has worsened the situation. The whole planet is closed to ...