Blockchain Bandit Moves $172 Million Stolen Ether After 2 Years of Dormancy
Highlights:
- Blockchain Bandit moves 51,000 ETH, valued at $172 million, after a two-year dormancy.
- The “Ethercombing” technique exploited weak private keys and misconfigured Ethereum nodes and passphrases.
- Cybersecurity experts link Blockchain Bandit to North Korea’s Lazarus Group, fueling suspicions.
Wallets tied to the infamous hacker group “Blockchain Bandit” have reportedly become active after being dormant for nearly two years. Blockchain investigator ZachXBT said in a Dec. 30 Telegram post that the attacker transferred 51,000 ETH, valued at over $172 million, from 10 separate wallets into a single multi-sig wallet address “0xC45…1D542.” The stolen funds have been inactive in 10 wallet addresses since January 21 last year. On that day, 51,000 Ether was moved. The attacker also transferred 470 BTC at the same time.
Advertisement
According to ZachXBT, the Blockchain Bandit attacker has become active again after years of dormancy, and has collected 51,000 ETH ($172.2 million) into a multi-signature address (0xC45C36017b0B7708f493534Ca4f0930964C1D542). https://t.co/lWmVEd2nJv
— Wu Blockchain (@WuBlockchain) December 31, 2024
The “Blockchain Bandit” uses a method called “Ethercombing.” This technique targets weak private keys by finding flaws in poorly written code and randomness generators. “The Bandit didn’t just target bad private keys. He also exploited: Weak passphrase-based wallets (like “Brainwallets”) and Misconfigured Ethereum nodes. His approach made him nearly unstoppable,” wrote Web3 analyst Pix.
Crypto security expert Adrian Bednarek stated that the hacker broke 732 private keys, which were linked to 49,060 transactions. The “Blockchain Bandit” started operating in 2016, with most of the thefts occurring in 2018. Within just eight months, they had stolen 45,000 ETH through automated methods, making them one of the largest threats in the crypto world.
Ethereum’s early vulnerabilities contributed to the problem. While developers are improving coding practices, the damage is done. The Bandit’s automated key-scanning system exploited these weaknesses. It drained wallets with remarkable efficiency.
Blockchain Bandit Suspected of Ties to North Korea’s Lazarus Group
The Blockchain Bandit’s operation has attracted more than just technical attention. Some cybersecurity experts suspect a connection between the Bandit and North Korean hacker groups. These groups are notorious for targeting crypto platforms to fund state-backed operations, including weapons development. The Bandit’s methods and the scale of the theft closely mirror those of Lazarus, a shadowy group tied to North Korea.
The return of the Blockchain Bandit highlights the vulnerabilities within the crypto space. These weaknesses are an inevitable part of the blockchain ecosystem. Crypto security experts warn that flaws in private key generation can lead to major breaches. Hackers exploiting defective random number generators can replicate private keys and gain unauthorized access to wallets. This incident underscores the need for secure key management and strong encryption practices.
Crypto Hacks Wipe Out $2.3 Billion This Year
Crypto hackers stole over $2.3 billion in assets across 165 incidents this year. This marks a 40% increase from 2023, when they stole $1.69 billion, according to a report by on-chain security firm Cyvers. Bitcoin surpassed $100,000 on December 6, fueling the surge.
Crypto hacks wipe out $2.3B in 2024, marking 40% YoY surge
According to Cyvers, the 40% yearly increase was mainly driven by growing access control vulnerabilities amid centralized exchanges and cryptocurrency custodians.#Norque #NOQ #Bitcoin #ETH #AI #Blockchain
— NORQUE-NOQ (@NorqueNoq) December 24, 2024
Smart-contract exploits stole $456 million across 98 incidents. They became the second-largest attack vector, responsible for 19% of the total value lost this year. Access control vulnerabilities stole $1.9 billion in 2024. They accounted for over 81% of the total losses from crypto hacks, spanning 67 incidents.
eToro Platform
Best Crypto Exchange
- Over 90 top cryptos to trade
- Regulated by top-tier entities
- User-friendly trading app
- 30+ million users
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment and you should not expect to be protected if something goes wrong.
Advertisement
Syed Ali Haider
Ali Haider is a contributing crypto writer at Crypto2Community. He is a crypto and blockchain journalist with over six years of experience and has long advocated for digital freedom and cybersecurity. Haider has been featured in several high-profile crypto and finance outlets, including Coincult, AltcoinBeacon, BTCRead, and more.
View full profile ›ℹ️About Crypto2Community's Editorial Process
Crypto2Community's editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict editorial policy and sourcing standards, and each page undergoes diligent review by our team of top crypto industry experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
