The Blockchain Bandit, a hacker infamous for exploiting vulnerabilities in Ethereum wallets, has re-emerged, consolidating stolen assets after years of inactivity.
On December 30, blockchain investigator ZachXBT reported that the hacker transferred 51,000 ETH, worth approximately $172 million, into a single wallet.
These funds were transferred from ten previously inactive wallets, marking the hacker’s first significant activity in years.
The Blockchain Bandit
The Blockchain Bandit gained notoriety by exploiting weak private keys on the Ethereum blockchain. This technique involved targeting wallets with insecure keys, often set to simple sequences such as “1”, “2” or “3”. These vulnerabilities allowed the hacker to siphon crypto from unsuspecting users.
The scale of these exploits was first revealed in 2019 when security researcher Adrian Bednarek discovered the problem during a routine investigation.
It identified hundreds of wallets using dangerously weak keys, revealing the systematic method the hacker used to search for such vulnerabilities. This approach, known as “Ethercombing,” enabled automated theft from compromised wallets.
In two years, the hacker hacked 732 private keys and made nearly 49,000 transactions. Their activity peaked between 2016 and 2018, with over 45,000 ETH stolen in just eight months.
Following this frenzy, the hackers’ wallets have remained intact until now.
The re-emergence of the Blockchain Bandit highlights the ongoing security challenges within the crypto ecosystem.
Despite advances in wallet technology, Web3 researcher Pix noted that several cryptocurrency users are still vulnerable to similar attacks due to weak key generators, poor wallet practices, and the possibility of human error. The researcher added:
“The Bandit Manual is not obsolete, it is a warning.”
Additionally, the return of Blockchain Bandit also highlights a broader trend of increasing cryptocurrency theft. This year, crypto losses reached $2.3 billion, a 21% increase from the previous year. Cybercriminals linked to North Korea are notably responsible for $1.34 billion of these losses.
