After a brief hiatus, the infamous “Blockchain Bandit” has re-emerged as the year ends, consolidating a staggering 51,000 ETH, valued at roughly $172 million, into a single multisig wallet.
This transfer was made on December 30.
“Blockchain Bandit” Returns
In the latest update, prominent blockchain investigator ZachXBT revealed that the consolidation originated from 10 wallets, which had been dormant for nearly two years, with the last activity being flagged in January 2023. Alongside the Ether transfer, 470 BTC were also moved.
The Blockchain Bandit earned infamy between 2016 and 2018 through an insidious technique known as “Ethercombing.” By exploiting cryptographic vulnerabilities, the attacker systematically guessed weak private keys, which were often generated by faulty random number algorithms or misconfigured wallets.
This method allowed the malicious entity to steal more than 45,000 ETH across 49,060 transactions by compromising 732 private keys. While brute-forcing private keys is generally deemed impossible due to their vast numerical range, the Bandit capitalized on predictable flaws such as non-random key generation and poorly implemented recovery phrases.
Cybersecurity analysts suggest that state-sponsored actors, possibly North Korean hacker groups, could be behind the attacks, noting parallels with other large-scale crypto thefts. Such groups are known to target cryptocurrency platforms to fund illicit operations, including weapons programs.
The Bandit’s recent activity, coupled with the use of multi-signature wallets, signals preparations for potentially laundering the funds through mixers or decentralized exchanges to obscure their origins.
From Fake Meetings to Seed Phrase Traps
This attacker’s resurgence comes amid a wider uptick in crypto cybercrime as fraudsters develop new methods to ensnare unsuspecting targets. Earlier this month, hackers were reported to have exploited fake Zoom meeting links to target crypto users and steal sensitive credentials as well as digital assets.
SlowMist traced the malware’s code to Russian-linked operatives, revealing over $1 million transformed to ETH.
Another scam targeted opportunistic thieves by sharing seed phrases of fake crypto wallets. Once accessed, the wallets demand TRX for transaction fees, rerouting funds to scammers instead. Kaspersky warns that this scheme, disguised as a beginner’s mistake, manipulates thieves into becoming victims of their own greed.