The Blockchain Bandit: Finding Over 700 Active Private Keys On Ethereum's Blockchain
HTML-код
- Опубликовано: 10 окт 2024
- While researching key generation on Ethereum's blockchain we discovered funds from weak private key addresses are being pilfered by someone. On 01/13/18, this blockchain bandit held a balance of 37,926 ETH valued at $54 million.
Read the research paper here: www.securityev...
Blockchain Security Blogs: blog.securitye...
Follow us at: / isesecurity
Ethercombing: Finding Secrets in Popular Places:
In our research we examine how, even when faced with this statistical improbability, ISE discovered 732 private keys as well as their corresponding public keys that committed 49,060 transactions to the Ethereum blockchain. Additionally, we identified 13,319 Ethereum that was transferred to either invalid destination addresses, or wallets derived from weak keys that at the height of the Ethereum market had a combined total value of $18,899,969.
In the process, we discovered that funds from these weak-key addresses are being pilfered and sent to a destination address belonging to an individual or group that is running active campaigns to compromise/gather private keys and obtain these funds. On January 13, 2018, this “blockchainbandit” held a balance of 37,926 ETH valued at $54,343,407.
Director and Producer: Sam Levin
Cinematography: Daniel Regner
Director of Photography: Zak Frederick
Animation: Donald Bomber
Produced by Independent Security Evaluators
Good job, I mentioned this in my latest video.
The keyspace is 2^256, but the address space is 2^160 (an Ethereum address is obtained from the least significant 160-bit of the Keccak-256 hash). So theoretically a single address can have up to 2^96 private keys. And what could happen if we combine the birthday paradox with ethereum private key collisons? ;)
Is this true? You could collide with an address but the blockchain still exposes the public keys given a signature and the message (transaction) it signed.
@@peterwillemsen9516 never
how to scan so many keys?
He just cashed out 50 mil a couple weeks ago
no
Could this not be just like the spam going in this comment stream now? Convince non tech people watching videos about how to get cryptocurrency or recover your lost keys. And bammm theft.
music must be louder, because you upload video for music, not for speaker
0x7E5F4552091A69125d5DfCb7b8C2659029395Bdf🔑0x0000000000000000000000000000000000000000000000000000000000000001
0x4C636a08FDF3692A9bCa111e8a7F4A0E28Eb4457🔑0x0000000000000000000000000000000000000000000000000a00000000000000
both with zero balance
Dm me