The infamous hacker group operating under the name “Blockchain Bandit” has made a major comeback after almost two years of inactivity, consolidating 51,000 Ether, worth $172.2 million, into a single wallet.
The funds were transferred between 20:54 and 21:18 UTC on December 30 from 10 inactive wallet addresses to a multi-signature wallet labeled “0xC45…1D542”. Each transaction corresponded to 5,000 ETH. Among the source wallets were those to which the Blockchain Bandit had transferred 470 Bitcoin (BTC) along with Ethereum (ETH) on January 21, 2023.
Diagram detailing the consolidation of $172.2 million worth of Ether by Blockchain Bandit shows the flow of funds from the hacked wallets to a single multi-signature wallet. Courtesy of TRM Labs. Source: ZachXBT
The “Blockchain Bandit” practices a newer form of cybercrime that targets weak private keys, a method known as “Ethercombing”, which relies on a brute-force approach to find problems in poorly written code and randomness generators. According to crypto security expert Adrian Bednarek, the hacker managed to crack 732 private keys corresponding to 49,060 transactions.
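A defensive counterpart to the weakness described above, as an added example that is not part of the original article: a pre-use sanity check that rejects Ethereum (secp256k1) private keys showing the marks of a faulty randomness generator. The function names, the two thresholds and the sample keys are assumptions constructed for illustration.

```python
import secrets

# Order of the secp256k1 group used for Ethereum keys; valid keys are 1..N-1.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

MIN_BITS = 128          # assumed threshold: fewer significant bits suggests truncation
MIN_DISTINCT_BYTES = 8  # assumed threshold: fewer distinct bytes suggests a pattern


def weak_key_reasons(key: bytes) -> list[str]:
    """Return why a candidate private key looks weak (empty list = passed)."""
    if len(key) != 32:
        return [f"length is {len(key)} bytes, expected 32"]
    reasons = []
    k = int.from_bytes(key, "big")
    if not 1 <= k < SECP256K1_N:
        reasons.append("outside the valid range 1..N-1")
    if k.bit_length() < MIN_BITS:
        reasons.append(f"only {k.bit_length()} significant bits (truncated or counter-like)")
    if key[16:] == bytes(16):
        reasons.append("low 16 bytes are all zero (half of the key was never filled)")
    if len(set(key)) < MIN_DISTINCT_BYTES:
        reasons.append(f"only {len(set(key))} distinct byte values (repeating pattern)")
    return reasons


def generate_key() -> bytes:
    """Draw a key from the OS CSPRNG and retry until it passes every check."""
    while True:
        key = secrets.token_bytes(32)
        if not weak_key_reasons(key):
            return key


# Constructed sample keys, each modelling one failure of a bad generator.
SAMPLES = {
    "counter value 1": (1).to_bytes(32, "big"),
    "32-bit seed used as key": (0xDEADBEEF).to_bytes(32, "big"),
    "repeated byte": bytes.fromhex("ab" * 32),
    "all zero": bytes(32),
    "CSPRNG output": generate_key(),
}

if __name__ == "__main__":
    for label, sample in SAMPLES.items():
        found = weak_key_reasons(sample)
        print(f"{label}: {'OK' if not found else '; '.join(found)}")
```

Passing these checks does not prove a key is strong; it only catches the obvious generator failures, so key material should still come from a cryptographically secure source.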
It all started in 2019
Security analyst Adrian Bednarek was researching Ethereum wallets for an enterprise client.
What he found shocked him:
Hundreds of private keys were dangerously weak
That’s when he came across Bandit… pic.twitter.com/6EamxMjoKo
— Pix🔎 (@PixOnChain) December 31, 2024
The bandit started in 2016, but most of the thefts occurred in 2018. Eight months later he had already obtained 45,000 ETH through programmatic theft, activity that made him the biggest threat in the crypto world. Such thefts have become a real nuisance as the number of crypto thefts has increased over the last few years.
The return of Blockchain Bandit also highlights the crypto vulnerabilities that are an inevitable part of the blockchain ecosystem. According to a report from on-chain security firm Cyvers, the total amount of money stolen in 165 security incidents in 2024 was around $2.3 billion, a 40% increase from the previous year. 81% of the total money lost, or $1.9 billion, was the result of access control breaches on centralized exchanges and custody platforms, largely focused on pig butchering scams.