Between 2015 and 2016, a hacker identified as “Blockchain Bandit” by Chainalysis robbed more than 10,000 cryptocurrency investors. Last week, six years after he went missing, the famous hacker moved some stolen money around. The intelligence company estimates, in a post published this Wednesday (25) on its blog, that the “renaissance” is due to the recent rise in prices.
“Ethercombing” and stealing millions
Thousands of thefts committed by the “Blockchain Bandit” are made possible by a technology called “Ethercombing”. Chainalysis, using a Wired article from 2019, explains that Ethercombing is a process that determines the address of the public key if the private key is known.
Based on this system, the hacker has automated a system to parse a list of vulnerable private keys that can be used. One example mentioned is single-digit private keys. When the key was identified, the malicious agent overran the data and drained the wallet. Through this method, more than 10,000 Ethereum (ETH) addresses have been drained, with a total of 51,000 ETH stolen.
The maximum valuation of Ether at the time of the attacks was $20.51. This way, even if the price cap is taken into account, the hacker would still make a profit of 7,520% if he decided to sell all his ETH at the current price of $1,562.96. In addition to the Ether balance, Blockchain Bandit also has 470 Bitcoin (BTC).
Altogether, Ethercombing’s author portfolios add up to nearly $90 million. The values have been transferred to different wallets. “We suspect that the sudden increase in activity is related to the recent surge in crypto-asset prices. We will continue to monitor the situation and share updates,” says Chenlaizes in the company’s blog post.
The amount of stolen cryptocurrency was large at the time of the attacks, but the numbers are small by today’s standards. Even taking into account the current quote, the nearly $90 million USD does not place Blockchain Bandido among the 15 largest hacks in the history of the cryptocurrency market.
However, in terms of valuation, the result is one of the most profitable in history. Many of the largest attacks, in terms of amounts charged, took place between 2021 and 2022, while cryptocurrency prices were still surging.
An example of this is the Ronin Network hack that at the time drained $624 million from the network. Of the total amount withdrawn, only $25.5 million was denominated in US Dollars (USDC). The rest of the amount was all in ether, more specifically 173,600 ether. Since March 23, 2022, the date of the attack, the price of the second largest cryptocurrency by market cap has already fallen by about 50%.