While researching key generation on Ethereum’s blockchain we discovered funds from weak private key addresses are being pilfered by someone. On 01/13/18, this blockchain bandit held a balance of 37,926 ETH valued at $54 million.
Read the research paper here: https://www.securityevaluators.com/casestudies/ethercombing/
Blockchain Security Blogs: https://blog.securityevaluators.com/blogchain/home
Follow us at: https://twitter.com/ISEsecurity
Ethercombing: Finding Secrets in Popular Places:
In our research we examine how, even when faced with this statistical improbability, ISE discovered 732 private keys as well as their corresponding public keys that committed 49,060 transactions to the Ethereum blockchain. Additionally, we identified 13,319 Ethereum that was transferred to either invalid destination addresses, or wallets derived from weak keys that at the height of the Ethereum market had a combined total value of $18,899,969.
In the process, we discovered that funds from these weak-key addresses are being pilfered and sent to a destination address belonging to an individual or group that is running active campaigns to compromise/gather private keys and obtain these funds. On January 13, 2018, this “blockchainbandit” held a balance of 37,926 ETH valued at $54,343,407.
Director and Producer: Sam Levin
Cinematography: Daniel Regner
Director of Photography: Zak Frederick
Animation: Donald Bomber
Produced by Independent Security Evaluators