Blockchain and crypto-based scams are slowly becoming the norm and recently an ethereum scam has been the center of attention. Apparently, a person dubbed the “blockchain bandit” stole over forty-five thousand (45,000 ETH) Ethereum coins by guessing the private keys of users.
The private keys that were weak were targetted the most. Adrian Bednarek is a security analyst and he was able to notice the crafty hacker’s tricks by accident. The hacker had by that time guessed almost seven hundred (732) private keys.
Private keys are extremely confidential to blockchains and are knows by the user only and cracking them single-handedly is a very statistically improbable task. Knowing an account’s private key allows the user to make transactions through that account.
The report on how this was carried out included the fact that only weak and faulty private keys were targetted.
Bednarek noticed the abnormal activity occurring in wallets that had high transaction volumes being sent to one address only and no incoming transactions were noticed. Bednarek said that there was one person behind the scene who was pulling the strings and stealing funds as soon as they were added into a wallet.
The stolen ethereum coin is equivalent to almost eight million dollars ($7.8m). The reason for the wallets having a weak private key may be because of a coding error in the software responsible for generating them or it could also be that the crypto owners are not being cautious enough.
Even though the person behind this scheme is unknown many are suspecting that North Korea was involved in all this. The suspicion is not invalid as North Korea has a history of stealing large sums of money with such schemes.