Skip links
Kenya
Contact us
A&D Forensics
The Blockchain Bandits are Awake

The Blockchain Bandits are Awake: Some of The Stolen $90 Million are Moving.

Author
Published on:
Published in: Uncategorized

The blockchain bandits have made a new move by transferring stolen funds after six years. Blockchain bandits stole $90 million from cryptocurrency users with weak private keys between 2015 and 2016 using “Ethercombing”. Let’s take a walk down to the details. 

The Blockchain Bandits are Awake

Who is a Blockchain Bandit?

Blockchain bandits are not specifically identified yet, hence, the personality is still unknown. However, The blockchain bandits are for now seen as individuals or a group that used the ether-combing process to identify and steal from Ethereum addresses operating with weak private keys

In a research, based on generating private keys by ADRIAN Bednarek, a security consultant at the time of his research for his client, discovered the blockchain bandits. The blockchain bandits were able to use the same ether-combing process he was working on to move funds out of a wallet with weak private keys.

Hence, the hacker’s ability to siphon funds in Ethereum wallets secured with weak private keys in a process called Ether combing  earned him the name “blockchain bandit’.

Blockchain Bandits Target Weak Private Keys Using Ethercombing Process

What is Ethercombing?

Ethercombing is a method used to scan private keys to derive the wallet address associated with the private keys. Blockchain is a public ledger of cryptocurrency transactions that are verified with the use of private or public keys to validate and prove ownership of transaction data. Thus,  the blockchain bandits acted on the fact that you can find out a wallet address’s public  key if you know its private  key.

According to a video interview with Andrian Bednarek by Independent Security Evaluators (ISE), 732 private keys as well as their corresponding public keys that committed 49,060 transactions to the Ethereum blockchain were discovered by Andrian during his research on Ethercombing. 

It was during Andrian’s research that he discovered that funds from some of the  weak-key addresses are being stolen and sent to a destination address that belongs to an individual or a group. In addition, this group or individual was running an active campaign to compromise private keys and steal funds. 

The chat below produced by the ISE showed a process of Ethercombing used by the Blockchain bandits in identifying Ethereum addresses using weak private keys. 

C:\Users\USER\Desktop\A&D\EHERCOMBING.jpg
Source: Independent security evaluators (ISE)

The blockchain bandits’ target included only weak and faulty private keys. As explained by Adrian Bednarek, if anyone knows Bitcoin, Ethereum and other cryptocurrency private keys, the associated public address that the key unlocks can be derived. Therefore, the private key allows anyone to transfer the money at that address as though they were the rightful owner. 

Cryptocurrency wallets may have a weak private key because of coding errors coming from the software used in generating the keys or less caution from the wallet owner. 

The Blockchain Bandits Moves Stolen Funds 

After six years, the blockchain bandit’s wallet moves stolen funds that have been dormant. The first transaction to move the funds was made on January 16, 2023, to new addresses and between that date to January 21, 2023, the blockchain bandits have moved almost $90  million worth of 51,000 Ether and 470 Bitcoin to several addresses. 

According to a tweet and a report  by Chainalysis, the image below shows the movement of the stolen funds, though the addresses were not specifically named. The addresses were generalized as “intermediary addresses”. 

https://blog.chainalysis.com/wp-content/uploads/2023/01/Graph_ETH_Blockchain_Bandit_for_Twitter-6-1024x783.png
Image source: Chainalysis blog

Avoid Becoming a Victim of the Blockchain Bandits

Store your funds in trusted wallets that will not generate weak private keys

The movement of the funds by the blockchain bandits shows that this unknown individual or group is still an active bad player in the cryptocurrency space.

To be on the lookout, as a cryptocurrency user, you are advised to adopt best wallet safety practices. Store your funds using trusted personal wallets that will not generate weak private keys. In addition, if you are holding a large amount of cryptocurrencies, it’s preferable to use a cold storage method by using hardware wallets. 

A&D Forensics provides you with facts-checked information and events in the cryptocurrency and blockchain industry as they unfold. Stay abreast by subscribing to our newsletters and following our social media platforms. 

You can also request for a cryptocurrency investigation here

Contributor: Emmanuel Bassey

You may also like

This website uses cookies to improve your web experience.
On-Site Certified Cryptocurrency Investigator (CCI) Training

Learn how cryptocurrency related transactions, crimes are tracked, traced and prosecuted.



Certified Cryptocurrency Investigator Virtual Training

Learn how cryptocurrency related transactions, crimes are tracked, traced and prosecuted.


Blockchain and Cryptocurrency Accountants Course (BCA)

In today's financial landscape, the emergence of blockchain technology and cryptocurrencies has ushered in a new era of finance.

Our comprehensive training empowers participants to not only meet but exceed regulatory expectations, enabling them to become Blockchain and Cryptocurrency Practitioners (BCAs).


(ON-SITE) CERTIFIED CRYPTOCURRENCY COMPLIANCE SPECIALIST(3CS) COURSE

Learn how compliance could be a competitive advantage to your exchanges with all your AML, CTF, KYC and OFAC requirements.

By becoming an early bird for each cohort or leveraging our partner firms, you can obtain up to a 25% discount, contact us for more details.


Smart Contract Audit

To speak to us regarding Smart Contract Audit, please fill the form below. We will make every attempt to respond to you as soon as possible

Call Direct: +2348036180089 | +2349095503040

Get in touch

To speak with us as regards our services, to make comments and ask questions, please fill the form below. We will reply as soon as possible.

Call Direct: +254703 861236 | +254711873870

Chioma Onyekelu

Linkedin-in Twitter Facebook-f

LEAD FACILITATOR – CRYPTOCURRENCY INTUITION

Chioma Onyekelu is a highly skilled and accomplished professional in the field of cryptocurrency and blockchain technology. She is a Certified Cryptocurrency Investigator and Crypto Compliance Specialist, as well as a Blockchain Forensic Specialist and a teacher. She is also a public speaker and her teachings include consultations and practical solutions for African Start-ups on the best and most cost-effective way to build with compliance in mind. With a wealth of knowledge and experience in these cutting-edge technologies, she is well-equipped to navigate the complex landscape of cryptocurrency-related crimes.

In her current role as a Blockchain Forensic Specialist at A&D Forensics, Chioma is responsible for tracing and investigating cryptocurrency-related crimes, as well as training law enforcement agents and compliance officers on the latest developments and best practices in the field. In addition, she is currently pursuing a Master's degree in Blockchain and Digital Currencies at the University of Nicosia in Cyprus, further solidifying her expertise and understanding of the technology.

Chioma's dedication and passion for the field is evident in her work, and she is committed to staying at the forefront of developments in cryptocurrency and blockchain technology to provide the best possible service to her clients. Her exceptional skills in educating and consulting make her a valuable asset to the industry and an authority in the field of Blockchain and Crypto Compliance.

Sewe Wycklife

Linkedin-in Twitter Facebook

FACILITATOR – CRYPTOCURRENCY INVESTIGATIONS

Sewe Wycklife is a dynamic and accomplished professional with a proven track record of driving business growth and fostering educational excellence. Mr. Sewe possesses a unique blend of expertise and with strong leadership capabilities, he is committed to continuous learning and innovation to stay ahead in dynamic and competitive markets. Mr. Sewe has served as a Business Development Officer in Pathologists Lancet Kenya, one of the leading diagnostic labs in East Africa. He spearheaded business development initiatives to expand market presence and drive revenue growth in the diagnostic healthcare sector. He also identified and pursued strategic partnerships with healthcare providers, government agencies, and corporate clients to increase market share. Mr. Sewe has also served as the Vice President of Education at Fortune 360, a Forex Trading Company, based in the US. He was responsible for designing and delivering comprehensive training programs. Developed curriculum content covering topics such as technical analysis, risk management, and trading psychology to cater to diverse learning needs. Mr. Sewe Implemented strategic initiatives to enhance the effectiveness of educational programs and drive student engagement and retention. Mr. Sewe is a dedicated and proactive individual with a passion for criminology and security studies. His leadership experience includes serving as the President of the Young Criminologist Network, where he successfully organized events, workshops, and seminars aimed at promoting awareness and understanding of criminological issues among youths in Kenya. Additionally, he has held the position of Chairperson of the School of Social Sciences Clubs Consortium, where he collaborated with other student organizations to create interdisciplinary initiatives that fostered a sense of community and intellectual exchange within the school. Mr. Sewe is currently pursuing a bachelor's degree in Criminology and Security Studies at Mount Kenya University. Through his studies, he is gaining in-depth knowledge of theories and practices related to crime prevention, law enforcement, and security measures. His coursework is equipping him with analytical skills, critical thinking abilities, and a comprehensive understanding of the social, psychological, and legal factors that influence criminal behaviour. Mr. Sewe recently got certified as a Cryptocurrency Investigator and compliance specialist from Blockchain Intelligence Group and Association of Certified Financial Crime Specialist (ACFCS) institutions respectively. Mr.Sewe’s experience in cryptocurrency trading has enabled him to leverage his experience in identifying suspicious transactions and patterns, which lays the foundation for seamless transition into the realm of cryptocurrency investigation and compliance. Mr. Sewe’s new role as the managing partner and cryptocurrency lead investigator at A&D Forensics East Africa will include Overseeing A&D Forensics Operations within Kenya and the neighbouring countries within East Africa • Investigating cases involving cryptocurrencies which will includes tracking and analysing blockchain transactions, identifying potentially fraudulent activities, tracing illicit funds, and providing expert testimony in legal proceedings. • Staying abreast of evolving cryptocurrency regulations and compliance requirements in East Africa. Ensure that investigations adhere to legal and regulatory standards, and provide guidance to clients on compliance issues related to cryptocurrency transactions. • Acting as the primary point of contact for clients, providing expert advice and guidance on cryptocurrency-related matters. • Communicating investigation findings effectively, prepare reports, and assist clients in understanding the implications of the findings on their business or legal matters • Conducting training sessions and workshops for both internal team members and external stakeholders on topics related to cryptocurrency investigation, blockchain technology, and compliance. • Networking and Collaboration while building and maintaining relationships with industry peers, law enforcement agencies, regulatory bodies, and other relevant stakeholders. • Collaborating on joint investigations, share knowledge and best practices, and contribute to the advancement of the field of cryptocurrencies and blockchain technology.

Cryptocurrency Investigation Training

Learn how cryptocurrency related transactions, crimes are tracked,
traced and prosecuted.

  • 5 Days On-site
  • In-person training
  • Personal training materials
  • Catered lunches
  • Exam administration
  • Hands-on practical session for participants.
Choose package
  • 5 Days Virtual
  • Webcam-based training
  • Personal training materials
  • Exam administration
Choose package