Security report: 45.000 ETH stolen by hacker
An investigation by the agency Independent Security Evaluators revealed how a blockchain criminal managed to accumulate almost 45.000 ether by successfully guessing the weak private keys
The theft was discovered by hazard by the company’s senior security analyst, Adrian Bednarek. It must be said that the probability of finding a private key from a person’s ethereum address is approximately 1 in 2256 cases.
However, the hacker managed to discover 732 private keys using this method. Thus, he was able to make transactions easily as if he was the account holder. Ethereum registers almost 50 million public addresses, among which it is likely that there are some with keys prone to attacks.
According to the report, instead of applying sophisticate method for random private keys, the hacker looked for a combination of defective codes and defective random number generators.
However, Bednarek showed that some wallets associated with the private keys performed large volumes of transactions in one direction without the money being returned.
To conclude, the report states that any system that handles private passwords could be under risk of attack at any time. Therefore, developers must incorporate defense mechanisms to counteract the threats of the present and forward future ones.
L.Sáenz
Source: Coincrispy
