A hacker known as Blockchain Bandit, notorious for stealing Ether by exploiting weak private keys, has transferred 51,000 ETH—valued at $172 million—into a single wallet. This marks the first activity from the Bandit in nearly two years.
Funds Moved to a New Wallet
Blockchain investigator ZachXBT reported on December 30 that the hacker moved the stolen Ether from 10 separate wallets into a multi-signature wallet address, “0xC45…1D542.” The transfers were executed in 5,000 ETH batches between 8:54 pm and 9:18 pm UTC.
Before this activity, the funds had remained untouched since January 21, 2023, when the Bandit last moved the 51,000 ETH. During that same period, the hacker also relocated 470 Bitcoin, signaling a coordinated effort to consolidate stolen assets.
Exploiting Weak Private Keys
The Blockchain Bandit became infamous between 2016 and 2018 by exploiting weak private keys. According to a 2019 report from Independent Security Evaluators, the hacker used a technique called “Ethercombing” to brute-force private keys. This method targeted vulnerabilities in faulty code and random number generators.
Through this process, the Bandit uncovered 732 weak keys, facilitating over 49,000 fraudulent transactions. Crypto security expert Adrian Bednarek noted that guessing private keys is typically seen as statistically impossible. However, flaws in key generation allowed the hacker to pull off these thefts, with the most significant breaches occurring in 2018.
Uncertain Identity and Speculation
The identity of the Blockchain Bandit remains a mystery. Some cybersecurity experts, including Bednarek, have speculated that state actors, such as North Korea, could be behind the thefts.
Escalating Cybersecurity Risks
This case underscores the increasing risks in the cryptocurrency space. Onchain security firm Cyvers reported that crypto hackers stole more than $2.3 billion across 165 major incidents in 2024, representing a 40% increase compared to 2023.
The rise in thefts is primarily attributed to access control vulnerabilities on centralized exchanges and custodial platforms. These types of breaches accounted for 81% of the stolen value in 2024, totaling $1.9 billion across 67 incidents.
As the adoption of cryptocurrency grows, so does the sophistication of hackers. This highlights the urgent need for stronger security measures to protect digital assets and prevent exploitation.
