As cryptocurrency grows more popular, hackers are finding new ways to get into innocent users’ wallets. Of course, getting into a wallet is not as complicated as breaking into a bank account; it is just a game of guessing the password. A man now being called the “blockchain bandit” has managed to guess a weak password and has acquired 45000 Ethereum, according to reports published on 23rd April.
Adrian Bednarek, a senior security analyst at Independent Security Evaluators, said he discovered the hacker by chance while performing an assessment for a client. Guessing a private key is not a common thing, but this so-called bandit has uncovered 732 private keys through his own research. He made transactions from those wallets as if they were his own.
The researcher said the bandit had taken advantage of faulty code and faulty random number generators to guess the private keys. Usually, a hacker uses a phishing scheme or brute force to guess a private key.
The researcher found that some wallets were sending a high volume of transactions to one particular address. To find out more, the researchers put one dollar into one of these wallets, and the money quickly slipped into the bandit’s wallet. These wallets were seen to have private keys like “0x01”. A private key is the digital-currency counterpart of a password, and a password should be long and random. According to the researchers, these keys were unknowingly cut short by the wallet software. It is also possible that the wallet owners created keys of this kind themselves, or that the keys were randomly generated and assigned.
The researchers have asked developers to audit their code properly to find out whether it has any bug that can truncate the password, because lost funds cannot be recovered and a helpdesk cannot help in such a situation. He also said people should use wallets from trusted vendors and download them from trusted sites.
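One way to carry out the audit the researchers ask for, as an added example (not code from the researchers or from any wallet): a self-test that calls a key generator repeatedly and flags keys such as “0x01” whose upper bits are all zero. The function names, the 200-bit threshold and the 32-bit truncation bug in `truncating_keygen` are assumptions constructed for illustration.

```python
import secrets

# Order of the secp256k1 group used by Ethereum; valid private keys are 1..N-1.
SECP256K1_N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141
# Assumed threshold: a uniformly random key has fewer significant bits than
# this with probability about 2**-56, so a hit points to truncation.
MIN_BITS = 200

def audit_key(key: bytes) -> list:
    """Return the problems found in one raw private key (empty list = OK)."""
    problems = []
    if len(key) != 32:
        problems.append(f"length is {len(key)} bytes, expected 32")
    value = int.from_bytes(key, "big")
    if not 1 <= value < SECP256K1_N:
        problems.append("value outside the valid range 1..N-1")
    elif value.bit_length() < MIN_BITS:
        problems.append(f"only {value.bit_length()} significant bit(s)")
    return problems

def audit_generator(generate, samples: int = 1000) -> int:
    """Call a key generator repeatedly; return how many keys fail the audit."""
    return sum(1 for _ in range(samples) if audit_key(generate()))

def sound_keygen() -> bytes:
    """Reference generator: 32 bytes from the OS CSPRNG, retried if out of range."""
    while True:
        key = secrets.token_bytes(32)
        if 1 <= int.from_bytes(key, "big") < SECP256K1_N:
            return key

def truncating_keygen() -> bytes:
    """Constructed bug: good randomness squeezed through a 32-bit integer."""
    value = int.from_bytes(secrets.token_bytes(32), "big") & 0xFFFFFFFF
    return value.to_bytes(32, "big")

if __name__ == "__main__":
    print("key 0x01:", audit_key((1).to_bytes(32, "big")))
    print("sound generator failures:", audit_generator(sound_keygen))
    print("truncating generator failures:", audit_generator(truncating_keygen))
```

Run against a wallet's real key-generation routine in its test suite, any non-zero failure count means keys are being shortened somewhere between the random source and the stored key.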
The Ethereum coins stolen by the bandit have a total market value of $7.8 million. Despite all this information, the actual criminal could not be caught. There is a chance that these acts are carried out by a single person using a bot, as the transactions happen within a millisecond.
The researchers did not rule out that North Korea could be behind it, as its economy is mostly dependent on cryptocurrencies.