in

$90 million in stolen cryptocurrency spotted in exchange

$90 million in stolen cryptocurrency spotted in exchange

The hacker dubbed the “Blockchain Bandit” has finally woken up from a six-year slumber and started moving his ill-gotten money.

According to Chainalysis, about $90 million in crypto stolen by an attacker in a long chain of “software thefts” since 2016 has begun to move over the past week.

This included 51,000 ether (ETH) and 470 bitcoin (BTC) for a total of about $90 million, leaving the bandit’s address for a new one. Chain Analysis noted:

“We suspect the bandit is moving his funds given the recent price spike.”

The hacker has been nicknamed the “Blockchain Bandit” for being able to empty Ethereum wallets protected by weak private keys in a process called “Ethercombing.”

The attacker’s “software theft” process has emptied over 10,000 people’s wallets around the world since the first attacks took place six years ago.

In 2019, Cointelegraph reported that Blockchain Bandit managed to accumulate nearly 45,000 ETH by successfully guessing those fragile private keys.

The security analyst said he discovered the hacker by accident while investigating private key generation. At the time, he noted that the hacker created a node to automatically steal funds from addresses with weak keys.

The researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is not clear how many of them the bandit used.

“There was a guy who had an address who was going around and siphoning money from some of the keys that we had access to,” he said at the time.

Cryptocurrency movements Blockchain Bandit. Source: Chain Analysis

Chainalysis created a chart showing the movement of funds, but did not provide a target address, only labeling it as a “stop address”.

To avoid weak private keys, Chainalysis advised users to use well-known and trusted wallets and consider transferring funds to hardware wallets if large amounts of cryptocurrency are involved.

Connected: Hackers Store Stolen Cryptocurrency: What’s the Long-Term Solution?

Also in 2019, a computer researcher discovered a wallet vulnerability that gave out the same key pairs to multiple users.