$90 Million in Stolen Crypto Seen Moved

A hacker dubbed the “Blockchain Bandit” has finally woken up from a six-year sleep and has started rolling in his ill-gotten gains.

According to Chainalysis, an estimated $90 million worth of crypto stolen from the attacker’s long string of “programmatic thefts” since 2016 has started to move in the past week.

This included 51,000 Ether (ETH) and 470 Bitcoin (BTC) — worth a total of about $90 million — leaving the bandit’s address for a new one. Chainalysis noted:

“We suspect the bandit is shifting its funds given the recent price hike.”

The hacker was dubbed the “Blockchain Bandit” for being able to purge Ethereum wallets secured with weak private keys in a process called “Ethercombing”.

The attacker’s “programmatic theft” process has drained more than 10,000 wallets from individuals around the world since the first attacks were perpetrated six years ago.

In 2019, Cointelegraph reported that Blockchain Bandit managed to amass nearly 45,000 ETH by successfully guessing those fragile private keys.

A security analyst said he discovered the hacker by accident while researching private key generation. He noted at the time that the hacker had set up a node to automatically steal funds from addresses with weak keys.

The researchers identified 732 weak private keys associated with a total of 49,060 transactions. However, it is unclear how many of these were exploited by the bandit.

“There was a guy who had an address who was going around and embezzling money from some of the keys we had access to,” she said at the time.

Crypto movements Blockchain Bandit. Source: Chain Analysis

Chainalysis has produced a diagram depicting the flow of funds, however, has not specified the destination address, labeling them only as “intermediary addresses”.

To avoid having weak private keys, Chainalysis has advised users to use well-known and trusted wallets and consider moving funds to hardware wallets if large amounts of cryptocurrency are involved.

Related: Hackers Keep Stolen Cryptocurrencies: What’s the Long-Term Solution?

Also in 2019, a computer researcher discovered a wallet vulnerability that released the same key pairs to multiple users.