A new study dubbed as “Ethercombing: Finding Secrets in Popular Places,” illustrates that tens of thousands of ETH are being stolen by an unknown entity, taking advantage of the weak private key.
Published on Tuesday, the study was undertaken by a security consulting firm, Independent Security Evaluators (ISE). Wired’s Andy Greenberg also covered the finding in a story.
Notably, during a point in January 2018, when the bull market was in action, the stolen loot amounted to nearly 38,000 ETH, an amount worth more than $54 million at the time. The report discloses that the so-called “blockchainbandit,” now holds 44,744 ETH, worth $6.1 million, in an address discovered amid a search for addresses that are protected by weak private keys.
For the unknown, private keys are strings of data that, in the case of cryptocurrencies, allow users to actually send out transactions from their addresses. If not closely guarded the user’s account can be compromised, allowing outside actors such as the blockchainbandit to pilfer the funds instead.
ISE intentions were to “discover keys that may have been generated using faulty code, faulty random number generators, or a combination of both,” as under normal circumstances, discovering ones created as intended should be “all but impossible,” according to the firm.
Over the course of its investigation, ISE discovered 732 private keys that issued over 49,000 ethereum transactions. Further the team also “identified 13,319 Ethereum that was transferred to either invalid destination addresses, or wallets derived from weak keys that at the height of the Ethereum market had a combined total value of $18,899,969.”
A researcher and analyst for ISE, Adrian Bednarek told Wired, that the unknown thief “was doing the same things we were doing but he went above and beyond” and that the process itself was likely automated. Bednarek added:
“Whoever this guy or these guys are, they’re spending a lot of computing time sniffing for new wallets, watching every transaction, and seeing if they have the key to them.”
ISE concluded its report with a note with:
“It should be concluded that any systems that handle private keys will be at an increased threat for targeted attacks. Software developers that design software or systems that interact with highly valuable private keys should incorporate all available defense in depth principles to counter present threats and use innovative measures to counter advanced present and future threats against these high value assets,”
Read more:Leverage The New World of Barter With Ubecoin
Image Source – Pixabay.Com
Bitcoin Price Analysis – BTCUSD On A Downward Correction
Ethereum Price Forecast – Will ETHUSD Revisit $170 Price Level?
Ripple Price Prediction – Will the Ongoing Bearish Trend Continue?
EOS Price Outlook – Will EOSUSD Continue The Downward Momentum?
Keep in mind that we may receive commissions when you click our links and make purchases. However, this does not impact our reviews and comparisons. We try our best to keep things fair and balanced, in order to help you make the best choice for you.
