Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: adaseb on November 30, 2017, 10:07:40 AM



Title: Thoughts on this private key stealing mystery
Post by: adaseb on November 30, 2017, 10:07:40 AM
Found this on Reddit

https://pastebin.com/jCDFcESz

Quote
Hi.  Thanks for passing this along so it gets some attention.  I was worried if I posted this somewhere it would mostly go unnoticed.  Also, I'm trying to stay anonymous because I don't want to be accused of being the person who came up with this exploit or be blamed by any company for any damages.  It's an interesting technical story so I thought I would share it.


-------- story begins here ----------------


I returned 9 BTC to reddit user fitwear who recently claimed were stolen from their blockchain.info wallet.

I have evidence that some bitcoin address generation code in the wild is using private keys that can easily be discovered on a regular basis. This is either intentional or by mistake. Some wallets have been compromised by what is probably an innocent looking piece of code.  Furthermore, someone has been siphoning bitcoin on a regular basis since 2014 from them. Whether they discovered this by accident (like I did) or are the ones who installed the code themselves, I don't know.  It looks like either a clever exploit or a coding error. It could also be yet another piece of malware, however as I explain below, I feel this is less likely the case. In order to fully understand how this works and how I discovered it, please read on.

Some Background
---------------

I've been following bitcoin since I first heard of it in 2011. One of the things that fascinated me was the ability for someone to create private keys from just about anything using Sha256 (i.e. Sha256(password/phrase)).  This, of course, is NOT a recommended way of obtaining a private key since if YOU can think of the word/phrase, someone else can too and the likelihood of your bitcoins being stolen is quite high. The most secure private keys are generated randomly. The probability of someone else being able to generate the same sequence of 32 random bytes is so close to 0, it is highly improbable anyone ever will (given the expected lifespan of the universe).

If you peer into the blockchain, you will find that people have 'played' with the chain by sending small amounts of bitcoins to addresses corresponding to private keys generated using Sha256.  For example, Sha256 of each word in the entire /usr/dict/words file found on most UNIX systems has had a small amount sent to it.  There was a site called brainwallet.org that made it easy for you to convert a phrase into a private key + public address.  (The code is still available on GitHub but has since been removed from the Internet).  Try using phrases like "i find your lack of faith disturbing", "these aren't the droids you're looking for" or "satoshi nakamoto" as inputs to Sha256.  You'll find the addresses corresponding to those private keys have had small amounts sent to them (and transferred out).  It's quite obvious these were _meant_ to be found. It turns out there are a lot of these addresses. (Keep looking and you will easily find some.)  This is nothing new and has been known to the bitcoin community for a while.

I always had the idea in the back of my mind to try and find other non-trivial examples of 'discoverable' private keys.  That is, something beyond Sha256(word/phrase). So I decided to try and hunt for buried bitcoin treasure.  Perhaps I could find some bitcoin intentionally hidden by someone that hadn't yet been discovered?  In the first couple weeks of June 2017, I finally devoted some time to the task. I honestly didn't expect to find much but I was amazed at what I ended up discovering.  I began by writing a program to scan every block in the blockchain and record every public address that had ever been used.  (Note: I didn't only store addresses for which the balance was greather than zero, I stored ALL of them which is why I believe I ended up accidentally discovering what I did.)  There were only about 290 million at the time so this wasn't a big deal.

The Experiments
---------------

What follows is a description of my experiments and what led me to discover what I believe is either a scam or really bad coding error.

Experiment 1
------------

My first experiment was to see if anyone used a block hash as a private key. That would actually be a nifty way to 'compress' 32 bytes in your head.  You would only have to remember the block height (which is only maybe 6 digits) and the corresponding larger 32 byte number would be saved for all time in the chain itself!

Results: Success! I found 46 addresses that had some amount of bitcoin sent to them between 2009 and 2016.  As expected, these all had 0 balances either because the owner had taken them back or they were discovered by someone else.

Here are two examples. You can use blockchain.info to see these hex values are actually block hashes from early in the chain.  This happened on/off up until mid-2016.

1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485

Nothing really alarming so far.

Experiment 2
------------

Similar to my first experiment, I then searched for addresses that were generated from the merkle root used as a private key.  (BTW, I searched for both compressed/uncompressed keys, so each 32 bytes resulted in two address look-ups from my database).

Results: Yes! I found 6 addresses again up until mid-2016.  Even though every address I found had a 0 balance (again expected), I was having fun with my success!

Example:

13bkBdHRovsBkjM4BUsbcDNr9DCTDcpy9W 6c951c460a4cfe5483863adacafad59e5de7e55876a21857733ca94049d7d10c

Similar to merkle root and block hashes, transaction ids (hashes) also seem to have been used as private keys. Still nothing alarming to me thus far.

Experiment 3
------------
I wondered at this point if anyone might have used repeated Sha256 on words.  Why stop at just one iteration when you can easily do one million?  Also, it becomes less likely to be discovered the more iterations you do.  I found a bunch.  Here are a few:

Sha256('sender') x 2

18aMGf2AxQ3YXyNv9sKxiHYCXcBJeJv9d1 098f6d68ce86adb2d8ba672a06227f7d177baca3568092e4cda159acca5eb0c7

Sha256('receiver') x 2
1C3m5mFx6SjBCpw6qLqzM8izZArVYQ9B5u 6681b4b6aa44318e55a724d7135ff23d76eb75847802cd7d220ecaa8427b91d4

Sha256('hello') x 4

17UZ4iVkmNvKF9K2GWrGyMykX2iuAYbe1X 28b47e9b141279ea00333890e3e3f20652bbd7abc2b66c62c5824d4d6fe50ac9

Sha256('hello') x 65536

1Mi5mVANRNAetbJ21u2hzs28qCJC19VcXY 52fa8b1d9fbb264d53e966809ce550c3ab033248498da5ac0c5ab314ab45198e

Sha256('password') x 1975 (This one's my favorite, someone's birth year?)

13mcYPDDktHdjdq9LwchhU5AqkRB1FD6JE 6e8cdae20bef63d33cb6d5f1c6c9c954f3148bfc88ef0aa1b51fd8b12fa9b41c

People were obviously burying bitcoin in the chain. Whether they expected the coins to be taken or not, we'll never know.  But these methods were still highly 'discoverable' in my opinion.

Experiment 4
------------

My last experiment is the one that led me to believe someone was siphoning bitcoin from some service on a regular basis and has been since 2014.

Take a look at this private key:

    KyTxSACvHPPDWnuE9cVi86kDgs59UFyVwx2Y3LPpAs88TqEdCKvb

The public address is:

    13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh

The raw bytes for the private key look like this:

    4300d94bef2ee84bd9d0781398fd96daf98e419e403adc41957fb679dfa1facd

Looks random enough. However, these bytes are actually sha256 of this public address!

    1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj

I discovered this by performing Sha256 on all the public addresses I had collected from the setup of my experiments and then seeing if those addresses (from the generated private keys) were ever used.  Bingo!  Lots were coming up.  I searched a fraction of the chain and found dozens.  I also found these addresses had bitcoin sent to them very recently (within weeks/days of when I discovered them.)

I asked myself, "Why would someone do this?"

At first, I thought this was someone who thought they could get away with having to remember only one piece of information rather than two.  Maybe they have one favorite address/private key combo and derived another from that one?  I thought it was possible.  You could keep doing this in a chain and derive as many as you wanted and only ever have to remember the first one.  But I ruled this out for one simple reason; bitcoins transferred into those addresses were being transferred out within minutes or SECONDS. If someone generated these private keys for themselves, then why would the coins be almost immediately transferred out in every case I looked at?

Here are some more (complete list at end of this doc):

16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr from Sha256(1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo)
1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve from Sha256(1FfmbHfnpaZjKFvyi1okTjJJusN455paPH)
1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8 from Sha256(1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB)

In every case I looked at, the coins were moved away within minutes or seconds.

It was much more likely that a bot was waiting for those coins to show up. Also, transactions are STILL happening to this day on those addresses!  But how can that bot know in advance that address was about to receive bitcoins?

A Scam or a mistake?
--------------------

It is at this point I formed a theory on what was really happening. It is likely that someone installed malicious code into the backend system of a mining pool, an exchange, or possibly wallet generation code. They are using public information so that they can discover the private keys easily and steal the coins on the side.

But why would they use Sha256(public_address)?  Why not do Sha256(public_address + some super hard to guess random sequence) or just use a hard-coded address?

Well, I have a theory on that too.  It can't be hard-coded or it would look suspicious in a source code repository.  It's likely the code was introduced by someone who works (or worked) for some company connected to bitcoin (exchange/mining pool/gambling site/wallet).  Code submitted by developers into source control systems usually goes through a code review process. It would be much easier to hide an innocent looking Sha256 operation inside the millions of lines of code that make up the backend.  Sha256 is used all over the place in bitcoin and it wouldn't look suspicious.  The function would be readily available.  However, if code were to be submitted that performed Sha256(address + "secret_password1234xyz"), that would look VERY suspicious.  My guess is someone has slipped in a routine that LOOKS harmless but is actually diverting bitcoin to their awaiting bot ready to gobble them up.

It's actually quite clever.  No one can know the destination address in advance.  You would have to keep performing Sha256 on all public addresses ever used to catch that one in a million transaction.  Someone would be able to capture those coins by simply watching for a transaction into an address that corresponds to a private key generated from Sha256 of one of the existing public addresses.  Keeping such a database is trivial and lookups are quick.

To be fair, I suppose this could be a coding error.  Anything is possible with a buffer overflow. I would love to see the code if this is ever found.

Transactions were STILL happening right up until a couple weeks before I made this discovery!  So I wrote a bot to try and 'catch' a transaction.

Mind Blown
----------

Within the FIRST 48 HOURS of my bot going live, on Jun 19, a whopping 9.5 BTC was transferred into an address for which I had the private key.  This was approximately worth $23,000 USD at the time.  I was shocked.

This is the address: 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp

The private key is: KzfWTS3FvYWnSnWhncr6CwwfPmuHr1UFqgq6sFkGHf1zc49NirkC

whose raw bytes are derived from Sha256 of:

16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt (which appears to be some random address previously used in the chain)

BUT... I had failed to test my program sufficiently and it failed to submit the transaction!  The 9.5 BTC was sitting there for almost 15 minutes before being swept away by someone else.  I honestly didn't think the first amount to cross my radar would be so high.  The other samples I found from past transactions were for tiny amounts.  It is quite possible that whoever moved them later out of the poisoned address actually owned them.  Maybe someone else's sweeper bot only takes small amounts most of the time to avoid attention?

At this point, I was pretty confident I was on to something not yet discovered by anyone else.  I _could_ have taken those 9.5 BTC and if this was known to others. Also, if you look into the history of that account, 12 BTC was transferred into it (and out right away) only one month earlier.  No one has claimed any theft (to my knowledge) involving that address.

I fixed my program (actually tested it properly this time) and let it run again.  My program detected more transactions (2 within the next 48 hours). I coded my bot to ignore anything less than .1 BTC so I didn't move them.  I didn't want to tip off the anyone that I knew what they were doing (if that was indeed the case).

Another 3-4 days passed and the next hit my bot detected was for roughly .03 BTC (~$95USD).  For some reason, this was not transferred out immediately like the rest.  By this time it was July 4th weekend.  I let this one sit too and it took a full 7 days before it was moved (not by me).  It may have been the legitimate owner or a bot.  We'll never know.

The destination address was: 1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p
The private key raw bytes were: c193edeeb4e7fb5c3e01c3aebd2ec5ac13f349a5a78ca4112ab6a4cbf8e35404

The plot thickens...
--------------------

I didn't realize it at the time but that last transfer was into an address for a private key not generated from another public address like the first one.  Instead, this address was generated from a transaction id!  I had forgotten that I seeded my database with private keys generated with transaction ids as part of one of my earlier experiments.  I didn't label them so I didn't know which were from Sha256(pub address) and which were from transaction ids.  I found some hits at the time but when I checked the balances for those accounts, they were all zero and I didn't think anything of it.  But now my database was detecting ongoing transfers into THOSE addresses (transacton id based) too!

Okay, someone was possibly using information from the blockchain itself to ensure private keys were discoverable for the addresses they were funelling bitcoin into.  The interesting thing is I found a link between the 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp address (via sha of a public address) AND the 1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p transfer (via the tx id as a key).  In the history of both of these addresses, you can see the BTC eventually ended up into this address: 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE

Also, the transaction id was for the previous transaction to the one that put the BTC in the toxic (discoverable) address in the first place.  Now it became even more clear.  The malicious code sometimes used a recent transaction id as the private key for the doomed destination address. Follow the .03 BTC back and you will see what I mean, you eventually get to the txid = private key for that discoverable address.

The 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE address is ONE of the collection addresses.  I have reason to believe there have been many over the years.  This one only goes back to approximately March 2017.  You can see in the history of this one address when they consolidated their ill-gotten gains into one transaction back to themselves.

I let my bot run longer. The next hit I got was for block hashes that were used as private keys (see Experiment #1).  Sure enough, this address also had links to the 1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE collection address!

And remember my merkle root experiment? I believe those were also part of this.  However, I have not linked those to this one particular collection address yet.  In the end, I found a total of four different 'discoverable' private key methods being used.

I made sure my database was filled with every block hash, merkle root, transaction id and Sha256(public address) for private keys and let my bot run.  Transactions for all four types were showing up, again for tiny amounts which I ignored. By this time, I was watching BTC getting taken in small amounts regularly. Sometimes, I saw as many as 6 transactions fly by in one day.

How fitwear lost (and got back) 9 BTC
-------------------------------------

On Nov 12, my program saw 9 BTC transferred into an address that my database had the private key for. I had searched for that address too to see if anyone was claiming ownership but I didn't see anything.  I decided to send a small amount to a well known puzzle address to give the transaction some public scrutiny in an anonymous way (1FLAMEN6, I'm still trying to solve this BTW).  Shortly after, I became aware of fitwear's reddit post claiming theft after someone noticed the prize amount had been topped off and linked the two events together.

I contacted fitwear privately and returned their coins minus the small amount I sent to the puzzle address.  Blockchain.info's original response to his support ticket, was that his system must have been compromised.  However, if you read his post, he took every precaution including typing in the key for his paper wallet instead of copy/paste and using 2FA.  

In his case, in Aug 2017, he imported the private key for his 1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo paper wallet address into blockchain.info and submitted a test transaction.  At some point between then and Nov 12, the compromised 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit got into his online wallet as an 'imported' address.

Together, we contacted blockchain.info and I relayed the information I just outlined above to them.  Their security team investigated but found no evidence it was their system that was at fault. I suppose it's possible his system was somehow compromised back in August and managed to import a key into blockchain.info without him knowing it.  Or someone else logged into his account, imported the key, then waited.  I feel the malware/login explanations are much less likely because it looks like code attempting to 'hide in plain sight' to me.  You wouldn't need to use Sha256(address) or block hash or txid or merkleroot if you were malware or an unauthorized login.  You would at least salt or obscure the key with some bit of knowledge only you know so that only you could derive the private key (as mentioned earlier).  The fact that information from the blockchain itself is being used indicates it may be some transaction processing logic.  Also, fitwear took extreme precautions (you can read his reddit post for details).  The origin of these poison destination addresses remains a mystery.

If it's the case that some wallet generation code is doing this, then it may be the case that we're seeing 'change' transactions.  When you create a wallet, there maybe 20 addresses generated.  They are all supposed to be random keys.  If this rogue code creates one of them in this manner (based on the public address string of an earlier one), then at some point, your 'change' will get put back into it as the wallet 'round-robins' through the list.

fitwear's 15Z address sat unused until Nov 12 when fitwear transferred his 9 BTC into it using blockchain.info.

To see the connection, take a look at this:

echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum
9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60

That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!!

fitwear insists he did not import the key for that address.  Did Blockchain.info generate it or was it added by mallicious browser code? We may never know.

See below for the complete list of other Sha256 based addresses that suffer from the same issue. I believe this is happening for others.  It's likely, that the small amounts usually taken are going unnoticed by the owners.

What does this mean for bitcoin?  Nothing probably. I believe the bitcoin network itself to be secure.  However, as long as humans are involved in the services that surround it (mining pools, exchanges, online/mobile wallets) there is always a chance for fraud or error.  The bitcoin network itself may be 'trustless', but anything humans touch around its peripheries is certainly not.  And you need to use those services to get in/out of the network.  So even with bitcoin, it still boils down to trust.

To be fair to blockchain.info, only Sha256(public address) (one in particular) was found to be present in one of their wallets. The other 3 methods I described above could be completely unrelated.  And they could all possibly be a (really weird) software bug.

Here are 100+ addresses that received bitcoins whose private keys are the bytes resulting from Sha256 of another public address.  Most of these came from a scan I did of old transactions, not while my bot was running.  Blockchain.info told me they do not appear to have been generated by their system.

Also, the list of addresses I"m providing are only the subset that have already had some BTC transacted through them.  There are likely hundreds more lying dormant inside people's wallets that have not been used yet.

Here is the list:

1G2rM4DVncEPJZwz1ubkX6hMzg5dQYxw7b Sha256(1PoHkMExsXDDBxpAwWhzkrM8fabmcPt6f4)
1Kap8hRf8G71kmnE9WKSBp5cJehvTEMVvD Sha256(1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1)
1LsFFH9yPMgzSzar23Z1XM2ETHyVDGoqd5 Sha256(1FDWY63R3M87KkW2CBWrdDa4h8cZCiov9p)
13eYNM5EpdJS7EeuDefQZmqaokw21re4Ci Sha256(1E7kRki9kJUMYGaNjpvP7FvCmTcQSih7ii)
1CcSiLzGxXopBeXpoNSchagheK9XR61Daz Sha256(191XapdsjZJjReJUbQiWAH3ZVyLcxtcc1Y)
1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD Sha256(16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG)
1A17F9NjArUGhkkiATyq4p8hVVEh2GrVah Sha256(1Je3tz5caVsqyjmGgGQV1D59qsCcQYFxAW)
1GGFXUL1GoHcEfVmmQ97getLvnv6eF98Uu Sha256(1DCfq8siEF698EngecE69GxaCqDmQ2dqvq)
14XxBoGgaJd1RcV3TP8M4qeKKFL9yUcef1 Sha256(1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5)
18VZKyyjNR8pZCsdshgto2F1XWCznxs86P Sha256(1FEwM9bq3BnmPLWw5vn162aBKjoYYBfyyi)
12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp Sha256(16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt)
19T6HNnmMqEcnSZBVb1BNA6PrAKd5P2qZg Sha256(1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5)
1MWBsFxWJrNtK2cN2Vt7j3a9r5ubfn41nx Sha256(16era4SgYEcbZD1pu6oCBXGXjK2wSrePe8)
1Ns55SngRhshA8kEnyuQ9ELZZPN7ubYfQJ Sha256(1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN)
13CnacdjvuuTJkCWrZf33yMrQh5aVX5B14 Sha256(1KPDwnrzJAfD2V4oiPf55WBTAi6UJDvMjN)
1MG1dTqtWVNqq3Qht88Jrie7SXp2ZVkQit Sha256(1UvM3rBJ8Sa1anQ8Du1mj5QZapFmWF7vH)
1DBXjdbMWXmgt81E1W7AYRANVPiq12LsGd Sha256(1Poi5SE42WVR2GKPrwp9U3wYqEBLN6ZV1c)
1GUgTVeSFd2L5zQvpYdQNhPBJPi8cN3i4u Sha256(1EjWVhiTyCdpTa29JJxAVLq27wP4qbtTVY)
1JQ2shEPzkd3ZL3ZQx7gmmxFLvyhSg14cb Sha256(1KEkEmadjTYHCiqhSfourDXavUxaiwoX7f)
125PcPD4QXzgDwNPForSFji8PPZVDr2xkp Sha256(1GRdTKgSq5sY3B4PiALPjKTXSXPXs6Ak7X)
1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe Sha256(1JcsBzKio1curbu9AtxTySxddvT4MKT3Da)
1L5pzdXL4hhtMHNxFXHjjdhhSidY9kJVRk Sha256(1V8tWZw4J3G5kBgafGsfoVSNQEgkxDmeA)
1cQH5XCsezkKt9zpwjHizz8YJZudDSwri Sha256(1AYKSUqCtDX1E34q4YoFnjwWSj41huWgGG)
1DHWP6UjSKBBUR8WzTviWAGNgLfDc6V6iL Sha256(1MbzspFCdXjtqAUx3t6A11vzrk5c847mvE)
1EqSvLnMhbRoqZkYBPapYmUjMS9954wZNR Sha256(1XAeTJCaYJgoBDwqC1rhPhu3oXiKuMs9C)
1MJKz1M7dEQCHPdV5zrLSQPa4BGFAuNJyP Sha256(1BxzenHnSuKwqANALE5THeTCSRZkv3ReRP)
18VZG5Dr8bYJWadHUgh7kC4RPS1VsvH4Ks Sha256(1qA59Na3WysruJbCPoomryDRCtJ4f4aLu)
1CoyRECWJ4LHNiZAgAz9719chFkrDJuNMC Sha256(19o4Yjrd74qnZ3z87C67BShbbF4fSNHy8W)
1ERKXYeaCy97KPdJTRbWjJDVzMbStJYqCm Sha256(1DMwZeQJXfWToRRHr5uRiKeucwDWkWLvkm)
1mbcQaPzsaBoaYP4V6uwCA74BRPhroK3r Sha256(1KzSULbG3fRVjWrpVNLpoB6J62xYL42AdN)
1gHad7cKWDcVKFeKcLRW4FhFAyw2R7FQZ Sha256(1LFCEek8FobJRXb5YrzWJ6M2y8Tx2Xg3NB)
1DvtF6X5b9cBrMZa4Yff9tARCLqP5ZyB47 Sha256(14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk)
1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE Sha256(19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S)
153jMRXn251WyxT9nmJW2XDsFUJ648jyY5 Sha256(1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu)
1EFBsAdysTf81k72v9Zqsj3NMuo6KoWD2r Sha256(1BBBvd9G5YThYVVMSGSxJzQvQiQm3WxJC2)
14mRxKmeEw9DCBbpR596FYmfZVdBD8MJxh Sha256(1PLpQDyqDUcpK6fWpRhkkFVBw4tSK4sHkS)
1Hg9pi75XWAT9pB3faXQFKKZbh98cbM5m Sha256(1JoshVWQDa7DzXqN3wQ9dbig5WEfaAzHcM)
1PcExYX3mUJ1rwa4aTLNJUpxqRLU8MxPXm Sha256(1LTZ9kaxRHBZH43eSmZ2KoGLHHUBV3P2S5)
1J9SzdYMZFsLqunQfPAswzogLNBitbREMD Sha256(1A7grBEjor6Sapj8KRbEGj2UrbnNt1Usxo)
1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8 Sha256(1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB)
1Q2a1ytfujskCEoXBsjVi1FqKWHegfFKwD Sha256(1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE)
1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV Sha256(153jMRXn251WyxT9nmJW2XDsFUJ648jyY5)
1M2uEGihcwUPiRGETE7vF8kUiS2Z4rtV2Q Sha256(1HqQBiqgFK6ChJ2Vq7kbWRCbc73cjyNXv5)
1Kka5bgXvpHTNDsPmhLPHae2qcK9mLS2qS Sha256(1E3D7NabEX971uV2gXT47rWQwPm3zbmvd8)
17hMEK4i8Nsi56huBU4i9N4Gjiw5G6X5iG Sha256(1Nk6a8ZfN86gaHJifcF8iGahx4scCKkwF5)
1DT4Q4ocUFgekXvBqBM6kFmvQYB6Y4PnHo Sha256(19aNbfFfZEWwstuy97C1GsHHELNCxZSEYV)
1CSMVivJfFynvbZRrLFHVGnehpXLUjdGRc Sha256(1p4gsrzTc3mFAgJKYqMzhm6UsJzhgy1KX)
17SaWquajZZBRF5qz6HuXMRt6gvnrDyoqE Sha256(1C1KjGATUXP6L6nnGTAh4LQcnSyLt13XyB)
16eePivj1nTVvLpBGkmFoeGxNyMU7NLbtW Sha256(1K79KaFs4D6wqz1wjP1QoYiY18fw8N3bZo)
1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu Sha256(1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD)
1GSkK6KBVSycEU57iK6fRvSXYJ4dgkkuNt Sha256(1JZwnSQz64N3F9D3E24oS4oGhSxMWDsXYM)
12eGusvkCcJb2GWqFvvE1BLDJ8pVX49fQv Sha256(197HxXUSehthdqXM6aEnA1ScDSCR7tQmP3)
134Kia3XhZV6oXE4EUvjc1ES8S8CY7NioU Sha256(1PVn2gxgYB8EcjkpJshJHfDoBoG8BntZWM)
1HMGSkDB9ZhRoUbSEEG6xR7rs9iPT2Ns5B Sha256(1E4yLggKcgHcpSKX336stXWgheNU2serVz)
13qsbkaJM7TkA5F2dsvHeGVQ7kCo74eGxh Sha256(1FAv42GaDuQixSzEzSbx6aP1Kf4WVWpQUY)
1Jsz6mahqVMJn2ayWzN6TfeWTti9tqfbSM Sha256(18AsiEQoLLKaF4Co1z4rxHyzJu9oqTVbFE)
1BwjscJC3P47uW5GXR7tjeHkdXQk6CuAFb Sha256(1JuP7JXhHabGLVAqp9TJj5N171qLVHrcVq)
17kYPYbELyVfMSYihD4YETJSZq5yCs3diM Sha256(1HzJPqLEpbeXiYhyoA8M8cuuds3FEAnw3B)
1C9HtVz7H8NArfV613wQNHs4PrK2oLZEYh Sha256(1EGeEk4YUrXyDL4zNXpWdqJopoVxs2vExJ)
16bEBNuc7JQ4QzyoFAkmxdVvW4wJqicjVN Sha256(12GvGqEQuQTW4Rr8dZ1o397KAYCMGWPYkq)
141V8fK9Kuofit8AXh9SLV9N9bLTfftETA Sha256(15nXjzf8EXy8Lji3czM1HAVw14mEKoEiTw)
19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S Sha256(17FaMY613bKfwhrdTv5PHnucSGTJBcw3k5)
1CRq6nj3a7vXdJJN2YSWdW6fVwydr6kqWs Sha256(1J1ZPHbbEwgcwniH3F7AgBeFZxQXJoKCGf)
1BVNt39u32LLkxMvBeBHXXNaTJqWe1Xcu5 Sha256(17iLALAyra1W5KSUjjkGN5LeUsWdeoQQx3)
1Mpw88XWQzLTZnq1eNs5SegZYGJu5Epky8 Sha256(1LeuaozTUT5UJX6DD4Q1VJsHh6aHpZ3YRU)
1LkwU9xbVroLkH9EvxDfmMnsCikQzaUv9S Sha256(16bEpxSc1FDyQDXR7ZYKbyyDDxzyaaCnNS)
1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ Sha256(137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot)
1KyUNmmJu3JjauVEZQUYLUEBg48GXXS1ii Sha256(17S3XjtEFXQoGdXnUjJJtGB1D7PTa9SsLZ)
1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve Sha256(1FfmbHfnpaZjKFvyi1okTjJJusN455paPH)
137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot Sha256(1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5)
1FXi6kEJjnZUBqpwjVJKPsgVHKag86k6qq Sha256(1FEYXtchFFJft6myWc6PyxLCzgdd8EHVUK)
1Gj2uRnxDztM7dTDQEUQGfJg4z5RtAhECh Sha256(1ESkNMa9Z37of4QdJmncvibrXxZ7suPjYm)
1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw Sha256(13Q8rTtdGUUt8Q8ywcEffj4oiNrY6ui3cu)
131XQfvE7E1NzdRQnE8XFmtkxWVRXTsb9q Sha256(1FLeb3zCVG63NYAMBiUoqKYgW1tUwgMMfF)
167dyxowdWwBdofck3WuAwvUpVfn2ewx8Q Sha256(1FFAdm2BWoCfTkTwFLJ4o3b5xG7cuRxbWb)
1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9 Sha256(1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1)
14XAGCAeUxieSzvGK3TX915PJLvX54n2Pd Sha256(17XQfW1R66aRBNYyJMwzn7zLf3D6sZgda3)
1M5jhEDKQCYbMCXHgcRUmaxwqYmcbrEfGD Sha256(1AixDffKCd1cV1tz1sp8fwJQDEAYCWzQcR)
1HPnYqbMvV4bGRcpSP28mMyekhjKiudcFY Sha256(1C91NNyzXE1dBC4dDKjx6y5VnhihifrpCY)
15XWgB1biKGd1JyuYecobfFtfBcVt6Jnok Sha256(1268xJ8iYUdRxK2vArkyoa5es6bR99hjhR)
1NHvPBaxKFuDec27mWcyCf7szUUvNnfimK Sha256(1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1)
1AoocdeZC64PaQ15Gbv1kXyYYnN8FWXAST Sha256(1Et9zapAxsBLJ3bvY7LDTuHif5cH7mZiBE)
1NWCqz8nr8ZRZt1zEKidyWcZDyNtK3THps Sha256(17Xok12pBFkXxNcE8J4gTSm3YKkatyX4ad)
1Lv6T9RegiNHpES1DHu6AasDcUqp2SeqLb Sha256(1LDqitspsYaiLH6AMW5EzJYuZG5vTGzRNg)
16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr Sha256(1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo)
14JpZ9Bogo4p83xt6cKS1Fh1rLSFRat8PN Sha256(1FBxoyGYaC9GEKLokfyrHUbZyoZmmm1ptJ)
1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1 Sha256(1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV)
1P9ZZGDG1npYd4d7jiCfPya6LQGkF5sFm7 Sha256(1LFGKkDZ21FZVsBh1A1S5Xr6aXuV3x9N4k)
1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5 Sha256(1LdkWzq9DxopPkY1hCmQ3DezenP5PQLNC3)
15RjQKt6D4HBn87QqgbyvhKFNDDjXncp8Y Sha256(1PhmMsdwamJA6soKw5mNMXxzGomHEHWY5P)
1G7B5eVnAQgeuGrKxcRnrmEqPLsjRkgnVF Sha256(1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ)
192qwAD31JB9jHiAwaTDkd6teb2hLAkY3b Sha256(1PhqA75qNM23aH9zV3uWvUhDbdwcab6q5L)
13mbvCyxCYvATNzranCkQdpCT19VGpMFZa Sha256(1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV)
1HJx3CqdaHAX6ZYRBHDvM5skg2Vh7GeZBD Sha256(1KrutzZZ7rth6D9wasfGz2oy9R6k1RCL9n)
1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe Sha256(1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9)
1KiGdZ9TUeWyJ3DyHj7LQLZgjvMHd6j2DZ Sha256(18SV4DVmytRDYB5JBAFkewUbVAp6FRpi5c)
13FzEhD3WpX682G7b446NFZV6TXHH7BaQv Sha256(1E1rSGgugyNYF3TTr12pedv4UHoWxv5CeD)
1LVRWmpfKKcRZcKvi5ZGWGx5wU1HCNEdZZ Sha256(1CVPe9A5xFoQBEYhFP46nRrzf9wCS4KLFm)
1HhNZhMm4YFPSFvUXE6wLYPx63BF7MRJCJ Sha256(145Sph2eiNGp5WVAkdJKg9Z2PMhTGSS9iT)
1G6qfGz7eVDBGDJEy6Jw6Gkg8zaoWku8W5 Sha256(18EF7uwoJnKx7YAg72DUv4Xqbyd4a32P9f)
1MNhKuKbpPjELGJA5BRrJ4qw8RajGESLz6 Sha256(15WLziyvhPu1qVKkQ62ooEnCEu8vpyuTR5)
18XAotZvJNoaDKY7dkfNHuTrAzguazetHE Sha256(15SP99eiBZ43SMuzzCc9AaccuTxF5AQaat)
1HamTvNJfggDioTbPgnC2ujQpCj4BEJqu Sha256(14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk)
17iqGkzW5Y7miJjd5B2gP5Eztx8kcCDwRM Sha256(1MB3L1eTnHo1nQSN7Lmgepb7iipWqFjhYX)
15M7QfReFDY2SZssyBALDQTFVV1VDdVBLA Sha256(16bjY7SynPYKrTQULjHy8on3WENxCmK4ix)
1LgwKwv9kt8BwVvn6bVWj8KcqpP9JSP1Mh Sha256(1Q81rAHbNebKiNH7HD9Mh2xtH6jgzbAxoF)
1pmZwNDZjpuAqW3LjYYQCEjbQYBtSxzWc Sha256(13PctMqzyBKi5CpZnbastHQURrSRrow4yj)
1qA59Na3WysruJbCPoomryDRCtJ4f4aLu Sha256(1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe)
19QBydCuMiY7aRTbkP2tb3KQJUWkTrr5Xi Sha256(1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T)
11EuerTwe9rxtT3T56ykX5K7J3AksPzU3 Sha256(14PnZgX8ZDABJZ8RnatkK7DQzdpkwRRPX2)
13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh Sha256(1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj)
1Ads6ZWgRbjSCZ37FUqcmk82gvup1gQurB Sha256(1NbBTJQ5azGEA1yhGnLh39fE8YoEbePpCm)
1LWU4SbnqnfctAMbtivp2L98i8hSSCm7u7 Sha256(1MVqDAJo8kbqKfTJWnbuzvfmiUXXBAmX3y)
12B1bUocw8rQefDcYNdckfSLJ6BsUwhRjT Sha256(1Pjg628vjMLBvADrPHsthtzKiryM2y46DG)
12GZz1D1kdX3Fj7M87RFvqubam8iGrK77R Sha256(1Lu49ZKmGoYmW1ji3SEqCGVyYfEw7occ86)
13wY5CtwQhd7LYprEpFpkt1g9R7ErMkAwT Sha256(1NPSWKXdnHa17NWTU3J6nVkyogZjmAh7N6)
1Kc324Y6UUMffeYdtuXgzVC28Kx3U8cqQk Sha256(1HAQB99WfrV2ttRjttUPMzRi4R1uC2ftMy)
1Gwz14Cty45h3hZ4nCEno6jSdxtQn5bc7h Sha256(1PDgY5PkpBNCZVWKKAq3cbGyqvwwN91z4g)
1L2a5n9ar7e2v3Wz6NDFnxisigvR6urGaY Sha256(1KxUVU9DKfdaTLMnXBLS5BZRf56cFnRosk)
1KwUfu3gGk7n8Wz969tAztvvM4Mp4ZY57s Sha256(12XuaKzEheWbFJBno9QiV6kPCWrnWpUYTK)
13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh Sha256(1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj)
12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp Sha256(16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt)
1MkaTR3642ofrstePom5bbwGHbuQJmrnGD Sha256(1BynBc2YUAoNcvZLWi24URzMvsk7CUe2rc)
114LdauSAu2FTaR2ChPsPTRRhjYD9PZzn2 Sha256(144BV4Y7tgnetk5tDKAYTGS4mjprA75zJz)
1NzWscae8v3sKmTVJYwq8yhkizK8hUS5qP Sha256(1ENCBKFsqxJVCqR2TS1WfDV3rDi6zA8J6Y)
1FjEL7TBazaJN7WyND4uwq9wiaWDzfizkP Sha256(1PeCGFsJgqz8CcjGugGq5bPBiRDXUZHLUH)
1FP8j4zUPoJkpKwYpd8zYGHVaKygRHzx3d Sha256(1ERdvKTCxP1gZvdNndLKtYotW7qpR3xhuQ)
16nXouTPm5gVedr4Betb8KRWLSBtmXGUbD Sha256(16oTV1jZPJ5wm3QLhN96xVF7DchihmpL1k)
15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit Sha256(1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo)

My bot moved coins from the last two addresses only.  (No one has claimed ownership from 16nX).  All other transfers were the result of other people who either figured this out or are the ones who planted the bad addresses themselves (since 2014).

And these are some recent examples of private keys that are based on other information from the blockchain itself (as stated, may be completely unrelated but still happening on a regular basis).

1LUqqMzaigWJTzaP79oxsD6zKGifokrh7p c193edeeb4e7fb5c3e01c3aebd2ec5ac13f349a5a78ca4112ab6a4cbf8e35404 txid
1FQ9AneLGfhFf9JT5m5sg5FaYFeJrGmJhS 00000000000000000045fa3492aee311171af6da7d05a76c6eaadab572dc1db9 Block Hash
1DhcPvYWBGwPFEsAJhXgdKtXX7FFGGeFVS 00000000839a8e6886ab5951d76f411475428afc90947ee320161bbf18eb6048 Block Hash
198MRUHD2cvgUTBKcnroqmoTSs4b8xyLH9 7dac2c5666815c17a3b36427de37bb9d2e2c5ccec3f8633eb91a4205cb4c10ff Markel Root
19FHVnoNYTmFAdC2VC7Az8TbCgrSWSP1ip 000000000000000000db717b4c076da2d1b9ff8ddbc94132e3a8d008a0fb62b9 Block Hash
1Lr2yEny7HYJkXdFgJ2D8zHyNH1uHMi4w4 2bedfd92a6136566bb858b2f0d223744a41a987c468356d069acc86f45bf68ac txid
1QBbjKxRk1jP36WYpFkJjgzhvVSDBMWjy2 f1599a1ced833d95a54aa38a1a64113d5f0a4db3cb613ef761180cab57155699 txid
1BFYNokepXjbb9Han2AGfSTNKNNU9vgAAn 533da7e41bd99550f63f152ef1e613f1a78e3bed12788664d536c6ec42b5e0aa txid
1MJtsgDNrrFWS3qxtrPr6BnQUdp1qPjyEm 216fb568589629b115b0ed8fc41fdf3219d9ab804c6ce5e53fbc581a88427c3f txid
14syDBvpGXS6PtWytkDJF2QACvSggEZ277 a7f4def1c7ff07d17b5dd58fc92f18ee2dbee6dc7654fd30a8653bd9d848f0a0 txid
1QBbjKxRk1jP36WYpFkJjgzhvVSDBMWjy2 f1599a1ced833d95a54aa38a1a64113d5f0a4db3cb613ef761180cab57155699 txid
1BkHAUcfrZLRLyXHiBn6XRoppPqSzuf8hE 805cd74ca322633372b9bfb857f3be41db0b8de43a3c44353b238c0acff9d523 txid
1CNgVFjAwHT7kc6uw7DGk42CXf1WbX4JQm 53d348ca871dc1205e778f4d8e66cfdadbd105782dba6688e9a0b4bdee4763e4 txid
1HjDAJiuJ8dda919xwKBqphhEwBVGfzMGt 0aad1b00a5227d9b03d33329a5a11af75c75c878a064c69b276063cbea677514 txid
1PDnrPSCw9eWTtJss4DhYoLTk4WUmZQdBi f87b08218888f97388218d3e2489962403f7eece98dd8b4733671edeb9ad1a7c txid
1MJp4z3ig498hNATfgHBAnLFhwoZpvw118 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f Block Hash

I think this information should be made public so that other backend systems plugged into crypto networks can guard against this sort of 'hide in plain sight' attack.  As stated earlier,  I honestly set out to look for buried treasure and stumbled upon someone else's exploit.  Thanks to yt_coinartist's assistance in making this public.

e8d064874c37ce44f13a880b93b548b83342c99e1530dd746322777f88397ed8

Going dark now....bye.


Title: Re: Thoughts on this private key stealing mystery
Post by: User365 on November 30, 2017, 11:52:26 AM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.


Title: Re: Thoughts on this private key stealing mystery
Post by: boogersguy on November 30, 2017, 12:45:22 PM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.


Actually, what's most alarming about this is that the programmer that discovered this appears to be simply a solid developer (not a genius).  His thinking and experiments are logical and repeatable (by others without knowing). 

Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.


Title: Re: Thoughts on this private key stealing mystery
Post by: aplistir on November 30, 2017, 12:45:37 PM
Really interesting.
And soon there will be many more people trying to steal coins from that kind of addresses.

I believe his assumption that it is some wallets change address code doing this, is probably correct.
Would be great to know which wallet it is.


Title: Re: Thoughts on this private key stealing mystery
Post by: aplistir on November 30, 2017, 12:50:04 PM
Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

Nice idea, but not a good one.
Sending coins back to the address they came from could just end up losing the coins permanently, because now days wallets do not re-use addresses, and the original owned might not have that address in his wallet anymore.


Title: Re: Thoughts on this private key stealing mystery
Post by: ranochigo on November 30, 2017, 12:53:33 PM
Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction?
There's no point. It would just result in the Bitcoins being stolen over and over again. When the hacker notices this, they would just script another transaction to transfer it away to their own address. Either you get every miner to cooperate with you or you can't do anything.

With regards to the message, you could use OP_Return but that is mostly ignored by normal people. If its a system, then it would be impossible for them to see it. You have to trace the origin of the Bitcoins yourself.


Title: Re: Thoughts on this private key stealing mystery
Post by: amaclin1 on November 30, 2017, 02:56:31 PM
And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.
There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.

You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address"
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple")
and count the sweep attempts here:
https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
(this block-explorer shows conflicting transactions)


Title: Re: Thoughts on this private key stealing mystery
Post by: bitcoinpoopers on November 30, 2017, 04:26:39 PM
is the original post removed from reddit?


Title: Re: Thoughts on this private key stealing mystery
Post by: bitcoinpoopers on November 30, 2017, 04:50:28 PM
it also looks like u/fitwear made a post https://www.reddit.com/r/Bitcoin/comments/6u940t/bitcoin_paper_wallet_help/

Looks like he would have typed in his private key on bitaddress.org .. potential issues there?


Title: Re: Thoughts on this private key stealing mystery
Post by: adaseb on November 30, 2017, 06:13:08 PM
His original post is here

https://www.reddit.com/r/Bitcoin/comments/7cw2uw/how_blockchaininfo_stole_65000_from_me/



Title: Re: Thoughts on this private key stealing mystery
Post by: runam0k on November 30, 2017, 10:20:38 PM
Someone pointed out that the issue may be linked to an old PHP library.

See https://github.com/coinables/Bitcoin-NoAPI-Shopping-Cart/issues/2

One of the addresses in the OP is mentioned in the above github issue.


Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 01, 2017, 12:16:08 AM
Fascinating read.  I plan to look at it more when I have some time.

Some of the Bitcoin addresses that were used to generate the private keys are "well known" long standing vanity addresses, for example 1NiNja1bUmhSoTXozBRBEtR8LeF9TGbZBN


Title: Re: Thoughts on this private key stealing mystery
Post by: adaseb on December 01, 2017, 01:24:40 AM
Blockchain.info replied sayings its not an issue with them

https://www.reddit.com/r/Bitcoin/comments/7gpami/blockchaininfo_responds_to_address_generation/

Quote
Recently we were contacted by a researcher regarding a potential address generation issue that resulted in private keys being discoverable as well as the funds associated with those addresses. Through his research he identified 128 addresses that were potentially vulnerable including one that he linked to a Blockchain wallet.
Security and the safety of user funds is a top priority at Blockchain. We have a variety of internal mechanisms in place to prevent against malicious attacks and work diligently to educate our users on security best practices. We also investigate all security reports that we receive. For this particular issue, hereís what we discovered:
After an extensive code review across all of our platforms by our lead engineers and security engineering staff, we did not find any patterns in the logic that would cause the same address generation issue this researcher discovered.
Our QA and security team also tried to reproduce the issue and were unable to generate any similar addresses or reproduce this issue.
We then analyzed the transactions characteristics of the 128 impacted addresses reported to us and were able to definitively rule out 94 addresses as not associated with a Blockchain Wallet.
Of the remaining 34 addresses, while we could not rule them out immediately because of our data and privacy constraints, we have strong data to believe they are not connected to a Blockchain Wallet. It is highly unlikely that they were generated by our software.
We scanned the entire block chain during the companyís duration (2011 to present) for similarly generated addresses and discovered six additional addresses, previously undiscovered by the researcher, that were generated in the same manner. We were also able to rule these addresses out as associated with a Blockchain Wallet.
There is only one address we have be able to definitively identify as associated with a Blockchain Wallet. However, this address was imported into the userís Blockchain Wallet. Weíre collaborating with this user to continue to investigate what happened in this specific instance. In other words, the one impacted address that is associated with a Blockchain wallet was imported into that wallet and was not generated by our software.
After extensive investigation and failure to reproduce in our wallet software the kinds of addresses observed by the researcher, we are confident that the address generation issue he discovered did not originate from our Blockchain Wallet software.
We welcome security inquiries and actively support our bug bounty program. If you would like to review our code itís available on Github here.


Title: Re: Thoughts on this private key stealing mystery
Post by: jman0war on December 01, 2017, 02:20:28 AM
Unfortunately this isn't the first time that a wallet provider has failed to generate a truly random key.
There's a long thread on it somewhere on this form.
But here's their website:  https://lbc.cryptoguru.org/trophies

It would be good to know who the bad actor is (blockchain.info?) so users can vote with their feet.



Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 01, 2017, 04:35:41 AM
Unfortunately this isn't the first time that a wallet provider has failed to generate a truly random key.
There's a long thread on it somewhere on this form.
But here's their website:  https://lbc.cryptoguru.org/trophies

It would be good to know who the bad actor is (blockchain.info?) so users can vote with their feet.


Did you read the post right before yours?


Title: Re: Thoughts on this private key stealing mystery
Post by: amaclin1 on December 01, 2017, 04:53:10 AM
Did you read the post right before yours?
No. Why should I? Tell me one reason why should I read anything before write anything?


Title: Re: Thoughts on this private key stealing mystery
Post by: Induane on December 01, 2017, 04:44:10 PM
1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD Sha256(16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG)

Interestingly - this one appears to be part of a series.

If I feed the generated address back in to generate the next keypair I find a series of wallets with deposits:

Code:
┌brant@SlugJuice~
└─(walleter)─> $ walleter -s 16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG -i 1000
   INFO: Opening BlockchainInfo session
   INFO: Session open
   INFO: Using custom seed: 16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG
   INFO: Wallet found: 16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG; Received: 0.00001174; Address: 1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD; Private Key: 5Ja1Q4SAxcssJv2yWEFNVxGKvGqoqJorbpnxFY3qLft1pcfypqi; Balance: 0.00000000
   INFO: Wallet found: 1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD; Received: 0.00004430; Address: 1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu; Private Key: 5JDvk8iw55dQVCHbmgeUshNRMKKyEx8GSv33coU7bi9WYLbseyT; Balance: 0.00000000
   INFO: Wallet found: 1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu; Received: 0.00002000; Address: 153jMRXn251WyxT9nmJW2XDsFUJ648jyY5; Private Key: 5Kg983m3WD3aNUrbEVUKxbUbm8GEJjsmrqghXtUQr84qxPy43fp; Balance: 0.00000000
   INFO: Wallet found: 153jMRXn251WyxT9nmJW2XDsFUJ648jyY5; Received: 0.00002000; Address: 1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV; Private Key: 5Jdmm6mWLShx8a2qPHe6ccWf2qW6ceeRnYYC9qgv1CwHMu9DggY; Balance: 0.00000000
   INFO: Wallet found: 1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV; Received: 0.00001000; Address: 1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1; Private Key: 5K5fbsMQ6G11rYDUDMdCmYngiX2df2Xoe5vZL9NqL75Rzf9s1L2; Balance: 0.00000000
   INFO: Wallet found: 1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1; Received: 0.00001000; Address: 1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9; Private Key: 5HxUgMBhacrzwqdHxkRW1SVPYKPAKyPYCbqfNoTKtSJPuC2XBc3; Balance: 0.00000000
   INFO: Wallet found: 1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9; Received: 0.00002000; Address: 1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe; Private Key: 5JRSZfbr5BntG7btk2b8k1X2LgQ6N55LQVbTzfRyX4XDJWykU16; Balance: 0.00000000
   INFO: Wallet found: 1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe; Received: 0.00001000; Address: 1qA59Na3WysruJbCPoomryDRCtJ4f4aLu; Private Key: 5KAmGhufm2PXy86UTGYdvDeThu1aDyFysTYGQmQ3BuoiuWAWkg3; Balance: 0.00000000
   INFO: Wallet found: 1qA59Na3WysruJbCPoomryDRCtJ4f4aLu; Received: 0.00001000; Address: 18VZG5Dr8bYJWadHUgh7kC4RPS1VsvH4Ks; Private Key: 5JuXhZgfUQQKpBSVtcoXnU66fcvQL7oT4uGAf8nozqMmidSL1MH; Balance: 0.00000000
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet found: 1JZQmZdLVySibjxf3kFfBBa3RBExRonEiD; Received: 0.00001000; Address: 1PDgY5PkpBNCZVWKKAq3cbGyqvwwN91z4g; Private Key: 5KJqWAYiTwV9Uwg2RqrL8XRBaBxD1fPeXmTvbHHtZZFCryYSpfn; Balance: 0.00001000
   INFO: Wallet found: 1PDgY5PkpBNCZVWKKAq3cbGyqvwwN91z4g; Received: 0.00001000; Address: 1Gwz14Cty45h3hZ4nCEno6jSdxtQn5bc7h; Private Key: 5J5JURHZJSG49sTmwiDRw6hEUb7NFb5BmnMyJeWtMaNESpv2fJo; Balance: 0.00000000
   INFO: Wallet never had any coins. Moving along...
   INFO: Wallet found: 1KgAg47rgkX78JtQq2tt52pSVSGnhuacGG; Received: 0.00013000; Address: 1JsHqZBZi7vU1ygsL4GwZh56nNRfBWVcQN; Private Key: 5JZytZfiZkNpofnBhwSkREvnn5GfiVZe6KbBzixo8yXCypFun3M; Balance: 0.00000000




Title: Re: Thoughts on this private key stealing mystery
Post by: amaclin1 on December 01, 2017, 05:20:32 PM
Interestingly - this one appears to be part of a series.

looks like blockchain spam by coinwallet.eu or similar.
the owner did not care about security of funds.


Title: Re: Thoughts on this private key stealing mystery
Post by: jman0war on December 01, 2017, 07:38:41 PM
It would be good to know who the bad actor is (blockchain.info?) so users can vote with their feet.
Did you read the post right before yours?
So is the problem here that blockchain.info is fingered unfairly?
Or is the problem here that there exists private keys that are discover-able.


Title: Re: Thoughts on this private key stealing mystery
Post by: Oceat on December 01, 2017, 08:26:54 PM
So is the problem here that blockchain.info is fingered unfairly?
Or is the problem here that there exists private keys that are discover-able.
There's no exact issues here but my guess is this is just a buzz or a human made error. It is impossible to assume that blockchain.info could be hack.

And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.
There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.
What if this is possible but we don't know it yet. Well apparently i don't like this idea it might be an exploit but who knows?


Title: Re: Thoughts on this private key stealing mystery
Post by: amaclin1 on December 01, 2017, 10:17:16 PM
It is impossible to assume that blockchain.info could be hack.
You've made my day.
https://www.reddit.com/r/Bitcoin/comments/2onl1y/at_least_hundreds_of_coins_were_stolen_from/


Title: Re: Thoughts on this private key stealing mystery
Post by: samson on December 02, 2017, 10:46:41 AM
And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.
There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.

You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address"
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple")
and count the sweep attempts here:
https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
(this block-explorer shows conflicting transactions)


No more than a dozen.....lol... ::)


Title: Re: Thoughts on this private key stealing mystery
Post by: kahc on December 02, 2017, 03:12:30 PM
And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.
There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.

You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address"
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple")
and count the sweep attempts here:
https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
(this block-explorer shows conflicting transactions)


No more than a dozen.....lol... ::)

I always thought that double-spender with the highest sending fee got favored. But it seems like the one with 312sat/B got included in the block first.


Title: Re: Thoughts on this private key stealing mystery
Post by: carlisle1 on December 02, 2017, 10:13:18 PM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.
hes really a genius and an expert in hes field,its one of a kind to find such discovery
but what made me think is how many people in crypto can do this kind of key generating
code hacking,hope this one will alarm the authorities to make precautionary measures.


Title: Re: Thoughts on this private key stealing mystery
Post by: Spendulus on December 03, 2017, 03:54:28 AM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.
hes really a genius and an expert in hes field,its one of a kind to find such discovery
but what made me think is how many people in crypto can do this kind of key generating
code hacking,hope this one will alarm the authorities to make precautionary measures.

There is reason to suspect, and to look for more such issues.



Title: Re: Thoughts on this private key stealing mystery
Post by: btctousd81 on December 03, 2017, 05:18:14 AM
first3 methods are nothing new, i saw the same methods in some video , posted here .

using merkle roto and tx id as a private key and generate bitcoin address.,

but its like shooting in dark.



Title: Re: Thoughts on this private key stealing mystery
Post by: Intersan on December 03, 2017, 10:27:10 PM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.
hes really a genius and an expert in hes field,its one of a kind to find such discovery
but what made me think is how many people in crypto can do this kind of key generating
code hacking,hope this one will alarm the authorities to make precautionary measures.

He have done a good work. I guess hackers are also upgrading their way of hacking and must come up with a new way of stealing. I do also hope that authorities will be concerned about it especially now that there are many new users in this forum. Bitcoin have attracted many attention when it reached $10 000 and of course it also looks so good in the eyes of hackers. We should always be careful.


Title: Re: Thoughts on this private key stealing mystery
Post by: dacsee on December 04, 2017, 04:20:22 AM
Very interesting technical story.

Luckily that in today's age, most generated keys are derived from a high degree of randomness, instead of easily guessable keywords / phrases


Title: Re: Thoughts on this private key stealing mystery
Post by: amaclin1 on December 04, 2017, 07:15:19 AM
Luckily that in today's age, most generated keys are derived from a high
degree of randomness, instead of easily guessable keywords / phrases
Sure?  ;D


Title: Re: Thoughts on this private key stealing mystery
Post by: Spendulus on December 05, 2017, 01:07:35 AM
Very interesting technical story.

Luckily that in today's age, most generated keys are derived from a high degree of randomness...

How do you know for sure?


Title: Re: Thoughts on this private key stealing mystery
Post by: Dr.Z on December 05, 2017, 01:19:52 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?


Title: Re: Thoughts on this private key stealing mystery
Post by: bigvito19 on December 05, 2017, 08:03:15 PM
first3 methods are nothing new, i saw the same methods in some video , posted here .

using merkle roto and tx id as a private key and generate bitcoin address.,

but its like shooting in dark.




What's the video link?


Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 05, 2017, 08:09:21 PM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not.  Stop spreading FUD.  Don't be an idiot, read the thread.


Title: Re: Thoughts on this private key stealing mystery
Post by: J. Cooper on December 05, 2017, 08:31:27 PM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.
hes really a genius and an expert in hes field,its one of a kind to find such discovery
but what made me think is how many people in crypto can do this kind of key generating
code hacking,hope this one will alarm the authorities to make precautionary measures.
I fail to see what authorities have to do with this in the first place.

But regardless, super interesting find. I'm going to read up a lot more on this when I find some free time over the weekend.

first3 methods are nothing new, i saw the same methods in some video , posted here .

using merkle roto and tx id as a private key and generate bitcoin address.,

but its like shooting in dark.


Is there a way you can provide me with a link to that video. I would like to aquire some more information on this matter.


Title: Re: Thoughts on this private key stealing mystery
Post by: nibor on December 05, 2017, 09:29:30 PM
And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.
There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.

You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address"
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple")
and count the sweep attempts here:
https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
(this block-explorer shows conflicting transactions)


Make that only a few million.... bitcoinj.org and a few 1000 lines of java and you are done. Only need a 5-50 gig leveldb database...
Maybe a few days work plus another few to test it and get the sweep to work...


Title: Re: Thoughts on this private key stealing mystery
Post by: Dr.Z on December 06, 2017, 01:49:23 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.


Title: Re: Thoughts on this private key stealing mystery
Post by: kahc on December 06, 2017, 01:53:30 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.

If you did read the thread, then you must be smoking something good ;D
Blockchain.info checked their code repository, these addresses are not generated from them.


Title: Re: Thoughts on this private key stealing mystery
Post by: Spendulus on December 06, 2017, 03:58:03 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?

Nobody said they did.

Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred.


Title: Re: Thoughts on this private key stealing mystery
Post by: Dr.Z on December 06, 2017, 05:41:44 AM

If you did read the thread, then you must be smoking something good ;D
Blockchain.info checked their code repository, these addresses are not generated from them.

It is well explained in the thread why it was not a hacked wallet. Because if someone hacked into the wallet, he was no need to import a "blockhash or txhash based address", just hardcode one will be good.


Title: Re: Thoughts on this private key stealing mystery
Post by: User365 on December 06, 2017, 10:23:14 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?

Nobody said they did.

Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred.

According to the facts of the OP I think it is safe to say that this was a dev of a company which implemented it into the code.

A malware would act different (f.e. Hardcode priv key's so nobody can recognize it)


Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 06, 2017, 03:39:59 PM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
You are a noob so I will give you the benefit of my doubt:  Are you confusing blockchain.info with "the blockchain"?


Title: Re: Thoughts on this private key stealing mystery
Post by: ksgerb on December 06, 2017, 03:51:57 PM
Few moths ago I also found a site that looks like a directory of btc address private key which could be import to wallet, I try to pick random wallet keys there around 50-70 address out of thousands listed on the said site but no wallet has balance on them off course the one who listed the directory maybe had already withdraw all btc on those address I just think..lol


Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 06, 2017, 04:29:30 PM
Few moths ago I also found a site that looks like a directory of btc address private key which could be import to wallet, I try to pick random wallet keys there around 50-70 address out of thousands listed on the said site but no wallet has balance on them off course the one who listed the directory maybe had already withdraw all btc on those address I just think..lol
Is this the site you are talking about:  http://directory.io/

If so that is simply a web page that calculates a group of sequential private keys based on the "page number" and then calculates the two possible Bitcoin addresses for each of the private keys on the page.

Nothing special or new there.


Title: Re: Thoughts on this private key stealing mystery
Post by: Dr.Z on December 07, 2017, 01:14:27 AM
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
You are a noob so I will give you the benefit of my doubt:  Are you confusing blockchain.info with "the blockchain"?

Your words make zero sense, stop replying me. Thank you.


Title: Re: Thoughts on this private key stealing mystery
Post by: ir.hn on December 07, 2017, 02:50:13 AM

Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.


Title: Re: Thoughts on this private key stealing mystery
Post by: ehrz22 on December 07, 2017, 03:00:12 AM

Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.

It can be done but can be abuse by some scammers if this feature will be made. It's like paypal, even if your transaction is legit the sender may open a ticket or dispute about the transaction. So this feature is still not advisable. Before, I was also wondering if we can get back the btc we sent, but now Im understanding well why it cannot be done.


Title: Re: Thoughts on this private key stealing mystery
Post by: Spendulus on December 08, 2017, 02:58:29 AM

Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.

This would require in real time, immediately after the theft, determining the relation between the private and public key, then deducing the private key, then sending a transaction with a higher fee.

That would be a program. It would have to be activated by a signal from the victim, and he would have to notice the theft pretty quickly and log the request.

I would note that there could be any number of algorithms each with a variety of constants which could be used to deduce the private key from the public key. Once the bad guys knew these counter attacks existed, they would go to more subtle algorithm.



Title: Re: Thoughts on this private key stealing mystery
Post by: CarDioLogic on December 09, 2017, 02:03:24 PM
I don't understand much about the technical stuff talked, but i'm worried the more recognition this gets, the more people (bad people) will try to replicate it in order to try to steal.


Title: Re: Thoughts on this private key stealing mystery
Post by: breakingbit on December 16, 2017, 11:09:59 PM
Quote
echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum
9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60

That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!!

This is not the case. The private key for that hex address is 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6 and its address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg.
Have you considered protecting the corresponding bitcoin cash wallets ? At least one of them got raided after your publication.

There's a few more wallets in the blockchain that have corresponding "target" wallets. I've traced quite a few. I suspect the grouped 0.0001 BTC transfers are signallers. Not strictly necessary, but allowing for easy recognition. I found one of the addresses to be associated with a btc lottery service, though I have a hunch that many of the addresses that are being 'watched' are actually hashes / strings that were pasted on md5hashing.net. If you set your user agent to google bot you can scrape those pages. Run them through sha256 / use hashes as keys and you'll see what I mean. I even found password 1975 on there, though that might've been tried on there in response to your publication.





Title: Re: Thoughts on this private key stealing mystery
Post by: breakingbit on December 16, 2017, 11:19:15 PM
The md5hashing.net being a source of generation makes sense as well. Read this first: https://www.reddit.com/r/Bitcoin/comments/2c5jot/my_18_stolen_bitcoin_were_spent_today_25_bounty/

This guy's bitcoins were stolen about 3 years ago from 1CwUog8nftdpC6RXygFcwzTKEATDCE4b9T.
The private key to that wallet is 5KHRvbqGXw4mcsdamWYK2EH515tXRXHr199qZr2ziC9NdEEd7tV. Its private
key is derived from sha256(ywAEqHEdZkVM4phdRa6URuZY8SAOjPa169G881ARuaIwxa4f1i), a string
searched for on md5hashing.net. Sites such as these may very well be honey pots.


Title: Re: Thoughts on this private key stealing mystery
Post by: phucthinh11061997 on December 17, 2017, 12:04:06 AM
Wow  Shocked

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.


Title: Re: Thoughts on this private key stealing mystery
Post by: breakingbit on December 17, 2017, 06:21:53 PM
I wonder if there's a connection with bitpay/copay. I found a transaction id as the privkey of a wallet (143o1wchhdN58FXcXreEKYvsihYQuFEQPN) that sends its coins to one of the known vacuum addresses. Right prior to it, it receives funds from 1MhxhzAQGktuQvx7ykhpomMeB8WnzBFeVi. The latter wallet received a transfer from 3QyUSB4eRYePHcvpS6k6YDMBUDGXRSSMPc prior to that. That address is mentioned on https://github.com/bitpay/copay/issues/4017

Might it be co pay transaction logic at play here?


Title: Re: Thoughts on this private key stealing mystery
Post by: TechPriest on December 17, 2017, 09:13:32 PM
Sending coins back to the address they came from could just end up losing the coins permanently, because now days wallets do not re-use addresses, and the original owned might not have that address in his wallet anymore.

I'm very interesting in this. Where do you find such kind of information? If you have seed, it will contain ALL addreses (used and not-used). With it you will be able to get access to any address which you were used.


Title: Re: Thoughts on this private key stealing mystery
Post by: Alexcross1075 on December 21, 2017, 03:01:26 PM
its not a good idea because if there are valuable coins there,the owners are doomed to loose it,when the keys get into the hands of real hackers  ???


Title: Re: Thoughts on this private key stealing mystery
Post by: BurtW on December 22, 2017, 02:56:38 PM
Sending coins back to the address they came from could just end up losing the coins permanently, because now days wallets do not re-use addresses, and the original owned might not have that address in his wallet anymore.

I'm very interesting in this. Where do you find such kind of information? If you have seed, it will contain ALL addreses (used and not-used). With it you will be able to get access to any address which you were used.
You are correct, aplistir does not know what they are talking about.  Modern HD wallets remember all used addresses. 


Title: Re: Thoughts on this private key stealing mystery
Post by: bitfools on January 06, 2018, 06:03:53 AM
Quote
echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum
9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60

That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!!

This is not the case. The private key for that hex address is 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6 and its address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg.
Have you considered protecting the corresponding bitcoin cash wallets ? At least one of them got raided after your publication.


private address in HEX 9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60
private address in WIF 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6

[ but there are two wifs L2Wru6Ew8pQuhcWAvMpdtPY4YWK1CQcwPCWxFvzkoi47crJBAVaP ]

Then address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg

But there is only the compressed address ... 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit

There is no balance on this private-address

IMHO, having done this stuff for a solid six months after a double hiatus from bitcoin in 2011, and 2013, I have seen very little to nothing come of these types of 'looking for private keys', just hashes in generals that they them selves came from hashes is just shit from shit, you still get shit, a lucky monkey on a type write can also generate 'war and peace', given enough time.

There are 10k ways to HACK bitcoin, there are a zillion paths to be taken, one must test them all to find that path that works for them, certainly you don't want to follow the 'pack' in this shit, as it will lead you to NO WHERE.

Probably best advice for people serious about this game is ...

1.) Study the C++ code for bitcoin, as none of the docs are real, its all bullshit, only the code is real
2.) roll you own, write your own parsers ( block chain to text, its probably best to do CSV), most of the database programs can handle 200GB very well; probably best c/c++ & python
3.) have many databases that are selective for each mission, one for addresses, one for balances ( short life ), one for public-keys, ..
4.) Have many bloom-filters for all of the above, searching for the monkey means O(1) search time, you can have just a bloom for address, you need blooms for your rain-bow table, for your private-key warehouse, for your public-keys, for your ecdsa integer farm, ...
5.) getting back 2, none of the code on github works, I mean NONE, its not maintained, and it will all lead you to dead ends, if a guy actually wrote a 'bot' that harvested valuable addresses and swept those accounts he would NOT give that software away for free, 99% of the shit you find on GITHUB is somebody's dead-end,
6.) study all the papers on the subject, there are 1,000's of well written technical papers on ECDSA SECP256, read them all, write your own sig ecdsa software write your own hash library, vector everything, always place vector check points every few 100 steps so you know everything is working.
7.) there are 1,000's of variables, and it only takes one to generate false-positives, know at all times that all  your inputs are correct,

8.) have a bell or timer set to generate music, I have a A-G guitar chord set,so depending up what my bots find, they play the different chord sets so that I know the nature of the problem, and the chord set doesn't nauseate people  around the house

9.) I find that hacking BTC is harder than mining, but far more interesting,

10.) Don't be a fool, if you don't have years of experience in programming, cryptograhy, database, networking, math, physics, then your chance of making any kind of interesting discovery is nil; Lots of smart people working on this "Discrete Log Problem" for a long time, if it were an easy problem, then it would have been solved, I think some 50 years since computers have been generally available people have been trying to solve this problem by brute-force

11.) like I said there are 10k ways to hack btc, there is the address angle, the public-key angle, the random priv-key angle, ... the ecdsa pool angle, ... you need to really play around with all until you find a method that works for you, then dive deep and really understand why your succeeding, don't try to do them all, there is too much, just doing the ECDSA can be a full time job for a mathematician

...

Most of this stuff is done for intellectual curiosity IMHO its to much work for the 'get rich quick moron' which are the majority of this board, its far easier to clone your own coin, start your own mining pool, or exchange and rip people off if you goal is to 'steal', most of us when we do find coin, are more than happy to make note of the find to the owner.

It's a vast multi-disciplinary field 'hacking btc', I can see it become a major career path, there are already dozens of masters thesis written on this subject, bound to be many phd's born of this stuff

For the young kid, I can offer no better path than BUTERIN did, first study the BTC source, and master that, then write your own btc client/server in python, and completely understand all, then modify your source so it can output 'data' as you want, ... Most of the 'action' is happening now, most of the easy stuff that is talked about in papers or this forum is what happened in 2014 or earlier, ... unless you write your own client/server that is tuned to study the now, your not going to make 'great' discovery's.

Passive Analysis is still wide open, very little work has been done on the block-chain using machine learning or digital signal processing techniques, but then again like the stock-market, what bitcon did in the past in terms of private-key generation means nothing tomorrow, as the core-devs are constantly hacking the code, and fixing the 'holes', thus to find the new holes, you must stay one step ahead of the core-devs,


Title: Re: Thoughts on this private key stealing mystery
Post by: bitfools on January 06, 2018, 07:53:07 AM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.

Amazing, if any of it were true, Upon reviewing this article, I took to myself to spend 1/2 hour and run some of these things, I have a database of 5 million BTC addresses, and every public-key ever used, both hashed and open, and I ran the addresses though the system, I found less than 1,000 addresses have been used as 'seeds', and I found of that only 'one' had ever had a transaction, ... Not VERY INTERESTING ( So somebody ( most likely the OP, created 1,000 private-keys on BTC using 'address' as the SEED, but never used them, ... so what? ); Sounds like somebody was bored that day, and ran a batch file that terminated at 1024

Then there is the BS about using tx's and merkels for your private-key, or hashing them, these are just random numbers after they're hashed, there was NO 'order' to begin, with hashing high-entropy, is high-entropy, if you want to cultivate private-keys for REAL that have been used ( that's the GOAL right?) Then you need to leverage off the human weakness issue and that is seeds need to have a deterministic nature that came from humans, not random shit.

The OP lists 5 ways to 'hack-btc' I found all to be non-workable, certainly if it be true that a few of these were places as back-doors by a wallet 'engineer' ok, I can dig that, but looking at this stuff from 'hacker' point of view its all a waste of time,

Of the 5,  only the one about seed('cat') times N ( running sha256() n times on the result )  was interesting, the OP makes it sounds like he found many where N > 1, ... but the reality is such that if you take all known seeds, and start N'ing them by N++, you will vanish to zero at 2, ... sure you might be lucky and one time at seed*1975 get one hit, ... but that is just an anomaly

The fact is this kind of stuff in real world would be from 'hand rolled' private addresses and its just not that common, unless the guy is an engineer and hand-rolls from SSL, or that is high-entropy, that works.

Given that using random data from the block-chain for your private-key; hashed or not is a jerks game, and thus by definition a JERK has no BTC, thus its a complete waste of time for a 'professional hacker' to follow any information in this post.

IMHO this article is a sci-fi fairy-tale that can be told to bitcoin wannabe's and their boyfriends.


Title: Re: Thoughts on this private key stealing mystery
Post by: Kakmakr on January 06, 2018, 08:38:39 AM
Blockchain.info has a bit of a reputation regarding flaws in their code : https://www.coindesk.com/blockchain-info-issues-refunds-to-bitcoin-theft-victims/ and I guess something like this might go undetected, if they took that long to discover that.

Blockchain.info will deny this, like most Banks do, when exploits are discovered in their software.

This is why Satoshi did not recommend using third party software/wallet providers, but as usual nobody is listening and they use the GUI friendly options out there.


Title: Re: Thoughts on this private key stealing mystery
Post by: Spendulus on January 06, 2018, 06:13:39 PM
Wow  :o

Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.

I am really excited to find out in which priv key generation code this thing is implemented.

Amazing, if any of it were true, Upon reviewing this article, I took to myself to spend 1/2 hour and run some of these things, I have a database of 5 million BTC addresses, and every public-key ever used, both hashed and open, and I ran the addresses though the system, I found less than 1,000 addresses have been used as 'seeds', and I found of that only 'one' had ever had a transaction, ... Not VERY INTERESTING .....
IMHO this article is a sci-fi fairy-tale that can be told to bitcoin wannabe's and their boyfriends.

I am afraid arguing "against this" is like arguing against the theory of God.

You cannot prove your point.

There are an infinite number of possible variations on the embedded hints and seeds and secrets.

For example, assume not that "seed" is embedded and with "seed you can discover the private key.

Now consider k=numeric value(seed)+c

Where c is a constant.

Have fun....


Title: Re: Thoughts on this private key stealing mystery
Post by: keyboard warrior on January 08, 2018, 03:21:19 AM
This might mean nothing, but I searched for a few of those addresses from the OP in walletexplorer, which is a site that guesses which service owns an address. It probably uses taint analysis.

It said a few of those addresses were part of a wallet it calls MtGoxAndOthers. These are three such addresses.

https://www.walletexplorer.com/address/1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe

Quote
1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe
part of wallet MtGoxAndOthers

https://www.walletexplorer.com/address/1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw

Quote
1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw
part of wallet MtGoxAndOthers

https://www.walletexplorer.com/address/1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1

Quote
1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1
part of wallet MtGoxAndOthers

I don't know how reliable walletexplorer's guesses are, and I'm only speculating it uses taint analysis to make its guesses. Walletexplorer couldn't guess where most of the small fraction of addresses I checked from the OP came from, it only guessed those three.

However, I only checked a small fraction of the list, I don't have time to check them all. Also the coins sent to all three addresses were sent after February 2014 when Mt. Gox had closed and filed for bankruptcy protection.

I don't understand how walletexplorer guessed that an address unused before Mt. Gox closed could belong to "MtGoxAndOthers" based on a transaction sent after its closure. Maybe it's because "MtGoxAndOthers" is a very vague name.



Title: Re: Thoughts on this private key stealing mystery
Post by: dado7 on January 08, 2018, 09:48:05 AM
OK, this vulnerability got me thinking and really should be read by everyone so that we can all broaden our views a little bit. Bitfools commentary really made me laugh and I agree with him to certain extent, but I wouldn't say it is a fairy tale - it is obvious that this lady/guy has put some effort and at least I am glad there was a through research made by blockchain.info.

This case and case of Large Bitcoin collider shows us that, no matter how safe we believe the technology to be, we have to continue to read, research, study, and adapt. Always remember that the producers of Titanic believed it to be unsinkable and remember that the human race has a vast history of adopting something it had not been ready for yet (nuclear energy for example....).



Title: Re: Thoughts on this private key stealing mystery
Post by: robolove on January 30, 2018, 04:32:03 PM
Mind=blown

Wrote a couple of scripts and tested myself. Shit is real. Take a look at this guy, for example. Last transaction only a couple of days ago:

https://blockchain.info/address/1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

"Jeff was here" is all over the blockchain. Guess he (she/it) has a compiled majestic wallet with a script that immediately transfers any incoming transaction to his own safe addresses.

Congrats Jeff.


Title: Re: Thoughts on this private key stealing mystery
Post by: wijaywi on February 01, 2018, 03:35:06 AM
yes I also have been aware of that .. when I was found the private key made from the bitcoin address created from the "genesis-address transaction(block0)" .. and found there's a  transactions in that address.

.by the way ..who is the owner of this "vanity address eater" bot
(1aa5cmqmvQq8YQTEqcTmW7dfBNuFwgdCD)
???
  ;D



Title: Re: Thoughts on this private key stealing mystery
Post by: robolove on February 02, 2018, 10:51:23 AM
sha256(666) leads to 1Az4F5yC19WZt5XMuc6x11xJM81VcJyHQA which in 2014 received 666 satoshi. Hell, that's funny.


Title: Re: Thoughts on this private key stealing mystery
Post by: qu4ntum on February 07, 2018, 10:44:24 PM
 I was trying to do the same steps pointed in the original article, but first of all I tried to get the whole database from the blockchain.
I used ABE library to copy the data from bitcoinCore to a SQL database, unfortunately, It take a looooong time to make this job. So, I was wondering if anyone could tell me how to make this job as faster as possible. I'm trying to do this as exercise. I'm new in the bitcoin world, but i'm used to programming in a python and C/C++ throughout my career.
Could anyone explain me the faster way to put the whole blockchain into a database?

Thanks for your time!


Title: Re: Thoughts on this private key stealing mystery
Post by: systemist on March 08, 2018, 03:40:26 AM
Mind=blown

Wrote a couple of scripts and tested myself. Shit is real. Take a look at this guy, for example. Last transaction only a couple of days ago:

https://blockchain.info/address/1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

"Jeff was here" is all over the blockchain. Guess he (she/it) has a compiled majestic wallet with a script that immediately transfers any incoming transaction to his own safe addresses.

Congrats Jeff.

I've read your post and seen that you wrote a script for this, can I see the script that you wrote? I would like to know how it works and reverse engineer this particular script.
Please pm me. Thanks!


Title: Re: Thoughts on this private key stealing mystery
Post by: Tai_Pan on March 08, 2018, 02:23:39 PM
If I were able to find a private key from an address with a decent amount I would really consider to go Robin Hood-ish on it...
There are so many people in desperate need that it would worth it


Title: Re: Thoughts on this private key stealing mystery
Post by: Hysmagus on March 25, 2018, 06:43:16 PM
From the digging the user /u/n0mdep did on reddit, it appears to be an old PHP library issue, wallets using this library may be a possible source. One of the addresses ("1JCuJXsP6PaVrGBk3uv7DecRC27GGkwFwE") is mentioned in a 2017 PHP bitcoin shopping cart issue. https://github.com/coinables/Bitcoin-NoAPI-Shopping-Cart/issues/2


Title: Re: Thoughts on this private key stealing mystery
Post by: hell78 on March 29, 2018, 05:17:20 PM
I was trying to do the same steps pointed in the original article, but first of all I tried to get the whole database from the blockchain.
I used ABE library to copy the data from bitcoinCore to a SQL database, unfortunately, It take a looooong time to make this job. So, I was wondering if anyone could tell me how to make this job as faster as possible. I'm trying to do this as exercise. I'm new in the bitcoin world, but i'm used to programming in a python and C/C++ throughout my career.
Could anyone explain me the faster way to put the whole blockchain into a database?

Thanks for your time!

I would like to know as well. What software he used to store database and also what program to manipulate/query it

Anyone know what program to create a bot with?


Title: Re: Thoughts on this private key stealing mystery
Post by: fairponzi on May 21, 2018, 11:25:08 AM
I was trying to do the same steps pointed in the original article, but first of all I tried to get the whole database from the blockchain.
I used ABE library to copy the data from bitcoinCore to a SQL database, unfortunately, It take a looooong time to make this job. So, I was wondering if anyone could tell me how to make this job as faster as possible. I'm trying to do this as exercise. I'm new in the bitcoin world, but i'm used to programming in a python and C/C++ throughout my career.
Could anyone explain me the faster way to put the whole blockchain into a database?

Thanks for your time!

I would like to know as well. What software he used to store database and also what program to manipulate/query it

Anyone know what program to create a bot with?
You can use https://www.visualstudio.com


Title: Re: Thoughts on this private key stealing mystery
Post by: f3tus on July 16, 2018, 01:39:43 PM
I did something similar with Ethereum:

d4e56740f876aef8c010b86a40d5f56745a118d0906a34e69aec8c0db1cb8fa3 is the Genensis hash of Ethereum, which is also used as the private key of this address: 0xf7656Eeec49cC7c2DBee3c08c9f203B25F093cDF

The Merkle root of Bitcoin block 229670 (https://www.blockchain.com/en/btc/block/00000000000000ee39243f076342d74f24863abb15968bf25af5964197f5a28f) f7a9b2306585fb4801e4b61424dd5523c50f18b2b10011583f265b1d70f481ea is the private key of this address: 0xb8629E8E54f393DCAc2990e59887594C94A7E45F

The hash of Bitcoin block 478610 (https://www.blockchain.com/en/btc/block/00000000000000000028389f5b592cbf08ca0451c675432f6060f97d8425fe51) 00000000000000000028389f5b592cbf08ca0451c675432f6060f97d8425fe51 is the private key of this address: 0x91f5A4A03614F131B36671006511f75580c4E550 (a user on BitcoinTalk.org used it, I contacted him to change it)

SHA-256 of the Bitcoin Genesis address 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, which is 31a9d2e8a70a091d65a58d2a08f8833abf5e8fa1d741c5400c538c38668cb83e, is the private key of this address: 0x700683cFcFE580318CB338E1a8AfCe6C25bB8ceB

Some "brain-wallets":

SHA-256: password : 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 : 0xfb35AD702E715E61A3F362C62DA7C1BD235102FC
Keccak-256: 123456789 : 2a359feeb8e488a1af2c03b908b3ed7990400555db73e1421181d97cac004d48 : 0x62F689837da39B1B50aD39D79E924989E340E0bB
Keccak-256: hello : 1c8aff950685c2ed4bc3174f3472287b56d9517b9c948127319a09a7a36deac8 : 0x5ccfa55C29F0522f062E3C15004E35a69dD45F6B
SHA-256: asdf : f0e4c2f76c58916ec258f246851bea091d14d4247a2fc3e18694461b1816e13b : 0x5aF95f4e0803B739E49B1239bB5Fbe91bD058caD
Keccak-256: testing : 5f16f4c7f149ac4f9510d9cf8cf384038ad348b3bcdc01915f95de12df9d1b02 : 0x89112E3aE3D40362373153c9f08D665ED1e39a7c
Keccak-256: spiderman : ed16b5577f12fd01d27e13991713b21024a88f47de0a0cc9683c6b9391636ad9 : 0xE607194804516037b14Aa050584c4e950975b0F3
Keccak-256: knickers : 6f4fb7f3b1f4ba1b2d4ee901fff911e8ab97299dade221706b7ee65d72343c7a : 0x5de7e496AAc28C05b93d05e4449635b08AEB26Bb
Keccak-256: eeee : 6a7eac42970039e18dca0f0dbd37da2b9e1c04d2026fada6125ee7bfc086708a : 0xc4709734FeAafb57F2CB4c3537F2dfB721f5E3DA
Keccak-256: 12qwaszx : 53652a8bf2e5daa4e38965cb1474f651a62cfd01cdd23d9ca3c64d97fd3a4165 : 0xC5989f90f41c2F4dF71076680A597432136bC10d
Keccak-256: 2 : ad7c5bef027816a800da1736444fb58a807ef4c9603b7848673f7e3a68eb14a5 : 0xDCEceAF3fc5C0a63d195d69b1A90011B7B19650D
Keccak-256: 8 : e4b1702d9298fee62dfeccc57d322a463ad55ca201256d01f62b45b2e1c21c10 : 0xe0FC04FA2d34a66B779fd5CEe748268032a146c0
Keccak-256: 14 : 5c4c6aa067b6f8e6cb38e6ab843832a94d1712d661a04d73c517d6a1931a9e5d : 0x00c40FE2095423509B9fd9B754323158Af2310f3
Keccak-256: 123 : 64e604787cbf194841e7b68d7cd28786f6c9a0a3ab9f8b0a0e87cb4387ab0107 : 0xF46b6B9C7cB552829C1D3dFd8FFb11aaBaE782F6
SHA-256: 935 : b064bdba191139689139124101c1c39926326a9b221bd8dfcd603f065c3dc3b8 : 0xc4704D90cE139d919903ABFD8519F6D393c01B4C
SHA-256: 1870 : cf085574d40ec95878b1c306a9b2432d86c05f888edc87a39708000b3e58b5f9 : 0x3e371363C6B77c0819817bFeb8C98D6A4dbc9efE

SHA-256 of an "empty string" e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 : 0x41aD2bc63A2059f9b623533d87fe99887D794847

I didn't check txids of either Ethereum or Bitcoin if they've been used as private keys, didn't check token addresses, contracts, and I only used Bitcoin addresses that currently have some BTC in them, not every address ever used, so there still might be some addresses to be found.

Needless to say, there's nothing in these addresses any more.


Title: Re: Thoughts on this private key stealing mystery
Post by: Lionheart001 on July 18, 2018, 09:01:34 AM
This is mind boggling, thought provoking and quite an eye opening piece. The author is simply genius and those folks exploiting this are geniuses too. Wished I know how to code, I will be a white hacker like this dude right here.  ;D


Title: Re: Thoughts on this private key stealing mystery
Post by: keychainX on July 30, 2018, 11:55:55 AM
Actually they are not all empty... several have "dust" and one did have a transaction just few weeks ago...


Title: Re: Thoughts on this private key stealing mystery
Post by: TheArchaeologist on August 15, 2018, 09:53:28 AM
Quote
Experiment 1
------------

My first experiment was to see if anyone used a block hash as a private key. That would actually be a nifty way to 'compress' 32 bytes in your head.  You would only have to remember the block height (which is only maybe 6 digits) and the corresponding larger 32 byte number would be saved for all time in the chain itself!

Results: Success! I found 46 addresses that had some amount of bitcoin sent to them between 2009 and 2016.  As expected, these all had 0 balances either because the owner had taken them back or they were discovered by someone else.

Here are two examples. You can use blockchain.info to see these hex values are actually block hashes from early in the chain.  This happened on/off up until mid-2016.

1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485

I will be conducting the same experiments and would like to share the results with you. The first experiment as was stated by the OP was to use a block hash as a private key. He/she was even kind enough to provide two examples. I tried to reproduce the findings only to find out the claim simply isn't true:

Code:
Used as private key    : 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
Remark                 : block hash from block #2

OP address found       : 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk
Found compressed       : 1BVwDR5zkyz9zEVvMnETQdQcupHZrTx5rR
Found uncompressed     : 1C85rYD83TgHB8kAWZvF2UvUBPjrLphwCy
So no match found here. 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk as reported by OP is not generated by using the claimed block hash as a private key.

Code:
Used as private key    : 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485
Remark                 : block hash from block #4

OP address found       : 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr
Found compressed       : 16X3KngmmQ1x5roBz71boZ3b55qCRC1D51
Found uncompressed     : 16Aci1HqAAKZtLWRGJAqhfzm8bSFS6X4iB
So no match found here. 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr as reported by OP is not generated by using the claimed block hash as a private key.

I used every single block hash for blocks 0-536830 as a compressed/uncompressed private key and couldn't find a single one used to generate an address which has been used in the past. Unless I've done some terribly wrong (and if I did please let me know!) I think the claim of OP block hashes have been used as private keys is false!

EDIT: As pointed out by Thirdspace in this thread below my conclusion was not correct. I will let this post up and correct my errors in a follow-up post


Title: Re: Thoughts on this private key stealing mystery
Post by: TheArchaeologist on August 15, 2018, 10:28:54 AM
Quote
Experiment 2
------------
Similar to my first experiment, I then searched for addresses that were generated from the merkle root used as a private key.  (BTW, I searched for both compressed/uncompressed keys, so each 32 bytes resulted in two address look-ups from my database).

Results: Yes! I found 6 addresses again up until mid-2016.  Even though every address I found had a 0 balance (again expected), I was having fun with my success!

Example:

13bkBdHRovsBkjM4BUsbcDNr9DCTDcpy9W 6c951c460a4cfe5483863adacafad59e5de7e55876a21857733ca94049d7d10c

Similar to merkle root and block hashes, transaction ids (hashes) also seem to have been used as private keys. Still nothing alarming to me thus far.
I conducted the second experiment myself to check the claims of the OP. I first tried to reproduce the given example:


Code:
Used as private key    : 6c951c460a4cfe5483863adacafad59e5de7e55876a21857733ca94049d7d10c
Remark                 : merkleroot of block 3647

OP address found       : 13bkBdHRovsBkjM4BUsbcDNr9DCTDcpy9W
Found compressed       : 16jhNgoeuthu38TSS4RmuyACUugCnVwuKD
Found uncompressed     : 16kGmzXkysx12qUSRDWruvNng8ewUV6rPL
Once again the provided example can't be matched to the given address. 13bkBdHRovsBkjM4BUsbcDNr9DCTDcpy9W as reported by OP is not generated by using the claimed merkle root as a private key.

Quote
Results: Yes! I found 6 addresses again up until mid-2016.
So next thing om my agenda checking all the merkeroots from blocks 0-536830. And yes, I also came up with 6 results:

Code:
4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b -> 1Gt4G9kRDNCRNAoiLPwLZdLcdn7VUSfqMN [UNC]
749845497284ecf84ad16baa69d342d5c828403a53d5df3dba1d6743ad54db13 -> 1CSsutw7JFAj66AkyMPsDVvZ7yi2aoNyh2 [UNC]
04b9ac63b6ef06cc5a68502c6d220f70f0758850fd0ec2433112949cdf5c2323 -> 1D2YW26aTq5vxhZtYKAKeWJ9hsBxCkVNVu [COM]
fdd88c26ee8a3ddaf73819f612ffcfcb48104a6c38a333caee870ddbd75d4f5a -> 1FhuJVi4EAvQw3DzTcyuati22JgALKQiKq [UNC]
3cdd40a60823b1c7356d0987078e9426724c5b3ab439c2d80ad2bdd620e603d8 -> 1G3JHzv2gCUZC5CAzm2fqnaiEcCcyqEsS5 [UNC]
072723a6a5fd8fde8ee76370f6317ac9395d54b72bd8a0a54093f2980f6fb23e -> 18cFhmZgsiDe9y2J7wTs7VmdcdTyg5tsB4 [UNC]
Although not provided in the text of OP the above six addresses were indeed generated by merkle roots in the blockchain.

Update: I also ran all merkleroots as a private key as opposed to the abover where I used the merkleroot as a phrase. This experiment yielded another 4 addresses:
Code:
7dac2c5666815c17a3b36427de37bb9d2e2c5ccec3f8633eb91a4205cb4c10ff -> 198MRUHD2cvgUTBKcnroqmoTSs4b8xyLH9
2a0053e41c5e66a5f5de94ab5527c04b61b3f47b2266475bdb16025009a8b934 -> 12SyZiNJhDzNWN6Si8Na4Na5UmebKMWprY
2c8837415676c2c0fda60998ac658c89f4c6839f3dad8f81dc80da69b42fc207 -> 1PkiKjtFdwDZ9ehRx1X2G5WRfkT2AQHq91
422ced71eac08061c053b010e2b65e7704b80f7b044c2ec707cd49c9f902f25d -> 12N1t4G9nKKQE5opNSCGSg57HfkKgZTnRY


Title: Re: Thoughts on this private key stealing mystery
Post by: Thirdspace on August 16, 2018, 01:01:04 PM
Unless I've done some terribly wrong (and if I did please let me know!) I think the claim of OP block hashes have been used as private keys is false!
I've tried a few examples that you posted and I got exactly the same addresses as OP said
how did you use those block hashes & transaction ids to generate addresses?
it seems that you used them as phrases for brainwallet instead of as private keys
you should use them as Private Key Hexadecimal Format (64 chars)

000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
used as phrase,
Bitcoin Address: 1C85rYD83TgHB8kAWZvF2UvUBPjrLphwCy
Private Key (WIF): 5KZQinREXBJSpHH2UYmSk1rM7MqMszNWUDbWre3LqM6mxgd64dv
used as Private Key (HEX),
Bitcoin Address: 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk
Private Key (WIF): 5HpHagTDEjnWh4JUN94a3CyZrPpWQyWL5zh9jHAry27BwcDig3s

000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485
used as phrase,
Bitcoin Address: 16Aci1HqAAKZtLWRGJAqhfzm8bSFS6X4iB
Private Key (WIF): 5KZQinREXBJSpHH2UYmSk1rM7MqMszNWUDbWre3LqM6mxgd64dv
used as Private Key (HEX),
Bitcoin Address: 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr
Private Key (WIF): 5HpHagTBNndKifofNeYPqTB4EkCBV88DHdvFbNtFRrvrmC89VBJ


Title: Re: Thoughts on this private key stealing mystery
Post by: TheArchaeologist on August 16, 2018, 01:11:19 PM
I've tried a few examples that you posted and I got exactly the same addresses as OP said
how did you use those block hashes & transaction ids to generate addresses?
it seems that you used them as phrases for brainwallet instead of as private keys
you should use them as Private Key Hexadecimal Format (64 chars)

Thanks for pointing this out! You are absolutely right.

I got off track when OP later on did use the input (for instance the BTC addresses) as a brainwallet and also when I found the six claimed merkle roots which also were found by using them as a brainwallet -> SHA256(Merkle Root) is private key.

I will rerun the first experiment and will update my first post accordingly. In the meantime I have succeeded in reproducing the experiment where BTC addresses were used as input to generate a private key.


Title: Re: Thoughts on this private key stealing mystery
Post by: TheArchaeologist on August 16, 2018, 06:37:04 PM
Quote
Experiment 1
------------

My first experiment was to see if anyone used a block hash as a private key. That would actually be a nifty way to 'compress' 32 bytes in your head.  You would only have to remember the block height (which is only maybe 6 digits) and the corresponding larger 32 byte number would be saved for all time in the chain itself!

Results: Success! I found 46 addresses that had some amount of bitcoin sent to them between 2009 and 2016.  As expected, these all had 0 balances either because the owner had taken them back or they were discovered by someone else.

Here are two examples. You can use blockchain.info to see these hex values are actually block hashes from early in the chain.  This happened on/off up until mid-2016.

1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485
[/quote]

Please note my previous conlcusion on using blockhashes as private keys were not correct as pointed out by Thirdspace. This is a correction post with the results of a proper experiment on block hashes

The first experiment as was stated by the OP was to use a block hash as a private key. He/she was even kind enough to provide two examples. What wasn't clear to me before but is now is the fact those blockhashes themselves were used as private keys instead of using those block hashes as phrases.

Code:
Used as private key    : 000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd
Remark                 : block hash from block #2

OP address found       : 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk
My address found       : 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk
Remark                 : 80 + '000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd' as the full private key
The address 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk as reported by OP is indeed generated by using the claimed block hash as a private key.

Code:
Used as private key    : 000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485
Remark                 : block hash from block #4

OP address found       : 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr
My address found       : 16X3KngmmQ1x5roBz71boZ3b55qCRC1D51
The address 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr as reported by OP is indeed generated by using the claimed block hash as a private key.

So after my previous attempt of using all blockhashes as a private key I this time ran the correct experiment by checking each blockhash as the actual private key. I found 48 (!) addresses this way (including the 2 OP provided as an example):
Code:
000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f -> 164qRoL9B3oxAZCn2RS6kAFejJQyAEcjaw
000000006a625f06636b8bb6ac7b960a8d03705d1ace08b1a19da3fdcc99ddbd -> 1Buc1aRXCqdh6r7PRYWPAy3EtVFw5Ue5dk
000000004ebadb55ee9096c9a2f8880e09da59c0d68b1c228da88e48844a1485 -> 1KLZnkqU94ZKpgtcWCRs1mhqtF23jTLMgr
00000000841cb802ca97cf20fb9470480cae9e5daa5d06b4a18ae2d5dd7f186f -> 1CLoKbp4a5du6Nzs21UbFFqDZE3Ls7GnAF
0000000067a97a2a37b8f190a17f0221e9c3f4fa824ddffdc2e205eae834c8d7 -> 1Kn9aRbWxxnTsnLcFTS2LjDV9PDLQGzJpZ
000000006f016342d1275be946166cff975c8b27542de70a7113ac6d1ef3294f -> 1MGFq4ot2DqMJQG5tGPEpwA1ZG6XPGmSsV
0000000098b58d427a10c860335a21c1a9a7639e96c3d6f1a03d8c8c885b5e3b -> 1FSK393znD9i4ViQSTfXKbuhw1pPLjjrvC
000000000cd339982e556dfffa9de94744a4135c53eeef15b7bcc9bdeb9c2182 -> 1JAj2zj9Fj68y4EKZkbtGv4z6XvbBQ5iY4
00000000fc051fbbce89a487e811a5d4319d209785ea4f4b27fc83770d1e415f -> 15CL3ezLrNq4YVGxAXyu7rb2hWQmEhPSH8
00000000314e90489514c787d615cea50003af2023796ccdd085b6bcc1fa28f5 -> 1NJvd1gcxiGmxS7NSub1HsazVewrJH7r3K
000000001fa8db1f15a9abd900cce0df7823a8397f2728b1d275e8fe0c0d2df0 -> 1w9FMNMRcwQ6g7uU3cDxo9QjXh4qKgS1s
00000000ee1d6b98d28b71c969d4bc8a20ee43a379ce49547bcad30c606d8845 -> 18AZXGaaexCt7H6URZxCHWnp4bZb3mnXGk
0000000066bd6eb18ac2a759d0287a0ce3c874de071a18fe191ee2181c652c89 -> 19MeQVWWiQRCzxb9Hhh6myThk7xSQ1FZKs
00000000c5fef55bc9cc3d4bd26d4f5495af1dba2c4e284a3e9915f7c4a77980 -> 1MyRduQBLWe1dRdFaeFEQsWUwC8Ng3NRwN
00000000d2650ca85996b3a6766fcfecfa0d18a433d6c482e3a400eb46c4507d -> 12uoPJKtoogGYQRh2a8vQEAc6Rwsi5jhnk
0000000000511a5356c93057e512af0c87f3db86a5c24285f8870d2f9f5d4005 -> 1QCnp7ifrJxZVZYov7MFvENG4arKZzSWnv
00000000000002d214e1af085eda0a780a8446698ab5c0128b6392e189886114 -> 18ot9XCfzfWkaGQLcDR9xdzBDtimhEsPTG
00000000000005129a339a388082bb6dcd185560dab135f048d0021912bf2c96 -> 19iQR6Pmjk6zKN7XaSTZJ3NLpwg2bSxAfN
000000000000056a303dd8a19509c1a74176c1324a923e237b1e7ffbadf38849 -> 15XQrFhNbiQQW71tYxp8ySTVpmb4pmoLRU
0000000000000a2c73285546b59ad9c523bbaa9b2d9b9a9b7e4bfb074a700008 -> 12Mdmf8AD4YurjnjtpwcEbUzoHkvPuffqD
00000000000004c9c29225b11b3ec75294d201613046fad170848d919c61f279 -> 13MTQYzxyqEF9yB4BjztwNQfJ52dWfgUdk
00000000000001aeceb6762e33bb6fbdbdb75b99f229992d99f726286bfef6eb -> 1ECEY4i6PN8rVuain78BrcDEr3VWx8z8c3
0000000000000453918365cc3bd4cc332f1cdaa9d634090585102d299a70dd8b -> 1Czo9PruXzXmChGAXs7LFg9U29ZeitgHSz
000000000000031d5731617e8014e2efd7524bc728976f736c4217d9888e9eb8 -> 16N2LPXmu1V5KSiRiJ5yznuHzUF6sSkHPw
0000000000000040412b763328116fea4b69a1f30e5cf18ababbd3ac59ab2159 -> 1BiSjbXeMfTE5mUxiLxE8VTaaDA3evJWkj
000000000000012e75d835d232050cf42f7a250846cd544fbd97d4d6b1079f9a -> 17nffrVW4YyoEQo7dTbbz58FiaE31RQFEv
000000000000002383789cd830d99c6488d1555a19ed8bc9a6ed6f785f44aa2b -> 1A9R831fPkbh4XpVdttdbdiua1akpRGc22
0000000000000043371e55643e3cb2b48eb4681bc82e7be5c88e5f85272e7bfb -> 1Gu8UmXCEjaFmcycAg3tjih9BvmMuQWUVe
00000000000000e09b60cf59246a697d7e7f449d1f8b6528faad28bb2ad23fd3 -> 1FJ46MfT7ib527NvKUkU8bdTsJGmz1aoB
000000000000029f4bc71ecd64f13068876ee910cafe4bca8d46d1c38a5bb6bb -> 171t2vYmyrsiNNCNp5Zwh7VJ4HYtjUP85z
00000000000003fd22aba8da396d0d3a0edebe0ee52a717c8b86cca25c069be4 -> 15Caj8dTaVV96ePfTZWEg6MZqy1GQoRynT
0000000000000370f35f87be6d291757cb7d711d8dbeda7251484dc4090738f7 -> 1FGQJrCpjcxcNE9abpwejg5DprymaQdEVe
000000000000028387c182975dd5dff74cfec7c5e539b19d2d53e59f2ea1d2ae -> 17g7p5aGKU9v7Y6qqpdeiPVFZ5rEzdLh3p
000000000000038a4eb01e85c45fcbd5ebf2d1b2e0dafeb9d4b9cf0ea983964c -> 17yb2XAcaMn7u9UF7vLSMB3LCuziFV8q3u
0000000000000114420273c901e448a0a51a89fe2e6964541994c7eb1a3e615b -> 1LddbPU8TuMepABqL4enkvTUnHfp43xZmk
0000000000000061edd85e375b354773f096081a20829a3ca376eb2ef3a41ba2 -> 1EvbFBWc9yBCNb1LYSkstVXwu9gA6rkEfX
0000000000000026a26d1ff45a72236f12de3ad5ff703aebec322f52ac8ed9dd -> 1MV3wHfgFr3xF8LRxW16opXt8PbowT3Euu
000000000000001f19cf4788a71e35949b261a62e90f09027d76c57fda7d75ba -> 1M7NPSWTX5MjkbrsrastjTH7bT76RmhLEP
00000000000000000577caf7823c048ee34cec0ab2fc82d4b8e55b022fe35cfd -> 1Ph44tVkbEm4GivAfUR7u2i1925ZzUcs8x
0000000000000000104f6217dcedfda795fa34278ddc67e485f243314de9de77 -> 14VYx8XFeRtyAV33BLvGX3ZTBu4YNT4Bzv
0000000000000000116309fe12f087fed3acdcd7622d93e5cc898b6bc5040160 -> 1Lhndi7kuTZNG3XiTn4Lvb4EM8x8DesvUx

Thanks to Thirdspace who pointed out my previous mistake I was able to reproduce the experiment OP has done and came up with 48 addresses based on a private key equal to a blockhash from a block in the range of 0-536830.


Title: Re: Thoughts on this private key stealing mystery
Post by: TheArchaeologist on August 17, 2018, 08:03:53 AM
Quote
Experiment 4
------------

My last experiment is the one that led me to believe someone was siphoning bitcoin from some service on a regular basis and has been since 2014.

Take a look at this private key:

    KyTxSACvHPPDWnuE9cVi86kDgs59UFyVwx2Y3LPpAs88TqEdCKvb

The public address is:

    13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh

The raw bytes for the private key look like this:

    4300d94bef2ee84bd9d0781398fd96daf98e419e403adc41957fb679dfa1facd

Looks random enough. However, these bytes are actually sha256 of this public address!

    1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj

I discovered this by performing Sha256 on all the public addresses I had collected from the setup of my experiments and then seeing if those addresses (from the generated private keys) were ever used.  Bingo!  Lots were coming up.  I searched a fraction of the chain and found dozens.  I also found these addresses had bitcoin sent to them very recently (within weeks/days of when I discovered them.)

I asked myself, "Why would someone do this?"

At first, I thought this was someone who thought they could get away with having to remember only one piece of information rather than two.  Maybe they have one favorite address/private key combo and derived another from that one?  I thought it was possible.  You could keep doing this in a chain and derive as many as you wanted and only ever have to remember the first one.  But I ruled this out for one simple reason; bitcoins transferred into those addresses were being transferred out within minutes or SECONDS. If someone generated these private keys for themselves, then why would the coins be almost immediately transferred out in every case I looked at?

Here are some more (complete list at end of this doc):

16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr from Sha256(1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo)
1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve from Sha256(1FfmbHfnpaZjKFvyi1okTjJJusN455paPH)
1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8 from Sha256(1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB)
Note: I skipped experiment no. 3 since it was just a few random inputs not related to information stored in the BTC blockchain.

I could reproduce the findings of OP without a problem for experiment 4. The given examples all match with addresses provided. So it was time for me to run the same experiment on every known address on the blockchain (up until block 536830)

And I found a total of a whooping 148 addresses where an existing BTC-address was used as the passphrase for another one. My findings:

Code:
Used as Passphrase:                   Resulting used address:  
1KrutzZZ7rth6D9wasfGz2oy9R6k1RCL9n -> 1HJx3CqdaHAX6ZYRBHDvM5skg2Vh7GeZBD
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T -> 19QBydCuMiY7aRTbkP2tb3KQJUWkTrr5Xi
1JoshVWQDa7DzXqN3wQ9dbig5WEfaAzHcM -> 1Hg9pi75XWAT9pB3faXQFKKZbh98cbM5m
15SP99eiBZ43SMuzzCc9AaccuTxF5AQaat -> 18XAotZvJNoaDKY7dkfNHuTrAzguazetHE
1Q81rAHbNebKiNH7HD9Mh2xtH6jgzbAxoF -> 1LgwKwv9kt8BwVvn6bVWj8KcqpP9JSP1Mh
145Sph2eiNGp5WVAkdJKg9Z2PMhTGSS9iT -> 1HhNZhMm4YFPSFvUXE6wLYPx63BF7MRJCJ
1FEwM9bq3BnmPLWw5vn162aBKjoYYBfyyi -> 18VZKyyjNR8pZCsdshgto2F1XWCznxs86P
1CVPe9A5xFoQBEYhFP46nRrzf9wCS4KLFm -> 1LVRWmpfKKcRZcKvi5ZGWGx5wU1HCNEdZZ
1BBBvd9G5YThYVVMSGSxJzQvQiQm3WxJC2 -> 1EFBsAdysTf81k72v9Zqsj3NMuo6KoWD2r
18AsiEQoLLKaF4Co1z4rxHyzJu9oqTVbFE -> 1Jsz6mahqVMJn2ayWzN6TfeWTti9tqfbSM
1HqQBiqgFK6ChJ2Vq7kbWRCbc73cjyNXv5 -> 1M2uEGihcwUPiRGETE7vF8kUiS2Z4rtV2Q
1MVqDAJo8kbqKfTJWnbuzvfmiUXXBAmX3y -> 1LWU4SbnqnfctAMbtivp2L98i8hSSCm7u7
18EF7uwoJnKx7YAg72DUv4Xqbyd4a32P9f -> 1G6qfGz7eVDBGDJEy6Jw6Gkg8zaoWku8W5
1Pjg628vjMLBvADrPHsthtzKiryM2y46DG -> 12B1bUocw8rQefDcYNdckfSLJ6BsUwhRjT
1KxUVU9DKfdaTLMnXBLS5BZRf56cFnRosk -> 1L2a5n9ar7e2v3Wz6NDFnxisigvR6urGaY
1PoHkMExsXDDBxpAwWhzkrM8fabmcPt6f4 -> 1G2rM4DVncEPJZwz1ubkX6hMzg5dQYxw7b
1PeCGFsJgqz8CcjGugGq5bPBiRDXUZHLUH -> 1FjEL7TBazaJN7WyND4uwq9wiaWDzfizkP
12XuaKzEheWbFJBno9QiV6kPCWrnWpUYTK -> 1KwUfu3gGk7n8Wz969tAztvvM4Mp4ZY57s
1F1tAaz5x1HUXrCNLbtMDqcw6o5GNn4xqX -> 16VrwSmUyvCKTXoeyrUcZ5zC7s3wkteAeF
1FfmbHfnpaZjKFvyi1okTjJJusN455paPH -> 1HwxL1vutUc42ikh3RBnM4v2dVRHPTrTve
14PnZgX8ZDABJZ8RnatkK7DQzdpkwRRPX2 -> 11EuerTwe9rxtT3T56ykX5K7J3AksPzU3
1BxzenHnSuKwqANALE5THeTCSRZkv3ReRP -> 1MJKz1M7dEQCHPdV5zrLSQPa4BGFAuNJyP
1CJBqJ3MwUVVNsqXpJx8Aecc3PWxSWPmUc -> 17S5HsEY4CLxSCU94C1Nx6pTKXWBUh7e37
1DMwZeQJXfWToRRHr5uRiKeucwDWkWLvkm -> 1ERKXYeaCy97KPdJTRbWjJDVzMbStJYqCm
1PLpQDyqDUcpK6fWpRhkkFVBw4tSK4sHkS -> 14mRxKmeEw9DCBbpR596FYmfZVdBD8MJxh
1BynBc2YUAoNcvZLWi24URzMvsk7CUe2rc -> 1MkaTR3642ofrstePom5bbwGHbuQJmrnGD
144BV4Y7tgnetk5tDKAYTGS4mjprA75zJz -> 114LdauSAu2FTaR2ChPsPTRRhjYD9PZzn2
1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo -> 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit
1PAVELxB51neRmWMFqgaV3Nd78udSyEMFg -> 12G63HnPAhmBLwDfDuexaDo9ExTqbfuC59
1UvM3rBJ8Sa1anQ8Du1mj5QZapFmWF7vH -> 1MG1dTqtWVNqq3Qht88Jrie7SXp2ZVkQit
16era4SgYEcbZD1pu6oCBXGXjK2wSrePe8 -> 1MWBsFxWJrNtK2cN2Vt7j3a9r5ubfn41nx
1A7grBEjor6Sapj8KRbEGj2UrbnNt1Usxo -> 1J9SzdYMZFsLqunQfPAswzogLNBitbREMD
1JcsBzKio1curbu9AtxTySxddvT4MKT3Da -> 1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe
17S3XjtEFXQoGdXnUjJJtGB1D7PTa9SsLZ -> 1KyUNmmJu3JjauVEZQUYLUEBg48GXXS1ii
1PhqA75qNM23aH9zV3uWvUhDbdwcab6q5L -> 192qwAD31JB9jHiAwaTDkd6teb2hLAkY3b
1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV -> 13mbvCyxCYvATNzranCkQdpCT19VGpMFZa
1Je3tz5caVsqyjmGgGQV1D59qsCcQYFxAW -> 1A17F9NjArUGhkkiATyq4p8hVVEh2GrVah
1EjWVhiTyCdpTa29JJxAVLq27wP4qbtTVY -> 1GUgTVeSFd2L5zQvpYdQNhPBJPi8cN3i4u
16fawJbgd3hgn1vbCb66o8Hx4rn8fWzFfG -> 1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD
197HxXUSehthdqXM6aEnA1ScDSCR7tQmP3 -> 12eGusvkCcJb2GWqFvvE1BLDJ8pVX49fQv
1KzSULbG3fRVjWrpVNLpoB6J62xYL42AdN -> 1mbcQaPzsaBoaYP4V6uwCA74BRPhroK3r
1LFCEek8FobJRXb5YrzWJ6M2y8Tx2Xg3NB -> 1gHad7cKWDcVKFeKcLRW4FhFAyw2R7FQZ
1C1KjGATUXP6L6nnGTAh4LQcnSyLt13XyB -> 17SaWquajZZBRF5qz6HuXMRt6gvnrDyoqE
1JZwnSQz64N3F9D3E24oS4oGhSxMWDsXYM -> 1GSkK6KBVSycEU57iK6fRvSXYJ4dgkkuNt
17XQfW1R66aRBNYyJMwzn7zLf3D6sZgda3 -> 14XAGCAeUxieSzvGK3TX915PJLvX54n2Pd
13PctMqzyBKi5CpZnbastHQURrSRrow4yj -> 1pmZwNDZjpuAqW3LjYYQCEjbQYBtSxzWc
18SV4DVmytRDYB5JBAFkewUbVAp6FRpi5c -> 1KiGdZ9TUeWyJ3DyHj7LQLZgjvMHd6j2DZ
1E3D7NabEX971uV2gXT47rWQwPm3zbmvd8 -> 1Kka5bgXvpHTNDsPmhLPHae2qcK9mLS2qS
17FaMY613bKfwhrdTv5PHnucSGTJBcw3k5 -> 19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S
19cMyj9KqVq78yZe32CNhgpyuGLMwM9X8S -> 1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE
1LzGrd5QX1rG5fk7143ps9isUTEwGyzRJE -> 1Q2a1ytfujskCEoXBsjVi1FqKWHegfFKwD
1LeuaozTUT5UJX6DD4Q1VJsHh6aHpZ3YRU -> 1Mpw88XWQzLTZnq1eNs5SegZYGJu5Epky8
1XAeTJCaYJgoBDwqC1rhPhu3oXiKuMs9C -> 1EqSvLnMhbRoqZkYBPapYmUjMS9954wZNR
1FLeb3zCVG63NYAMBiUoqKYgW1tUwgMMfF -> 131XQfvE7E1NzdRQnE8XFmtkxWVRXTsb9q
1HAQB99WfrV2ttRjttUPMzRi4R1uC2ftMy -> 1Kc324Y6UUMffeYdtuXgzVC28Kx3U8cqQk
1Lu49ZKmGoYmW1ji3SEqCGVyYfEw7occ86 -> 12GZz1D1kdX3Fj7M87RFvqubam8iGrK77R
1AYKSUqCtDX1E34q4YoFnjwWSj41huWgGG -> 1cQH5XCsezkKt9zpwjHizz8YJZudDSwri
1DCfq8siEF698EngecE69GxaCqDmQ2dqvq -> 1GGFXUL1GoHcEfVmmQ97getLvnv6eF98Uu
39oArFLKkWBEqRBM7cxJnrrJihMnRmz2PT -> 1AXECcFUaSJXPk86zUrB19WJyeagVd4Qp2
1J9Gtk5i6xHM5XZxQsBn9qdpogznNDhqQD -> 1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu
1PF2gQPPAwQDfTrSuNX6t8J381D7s3bGFu -> 153jMRXn251WyxT9nmJW2XDsFUJ648jyY5
1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV -> 1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1
1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9 -> 1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe
1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1 -> 1CVunYyUpeCFcGAYdHrDNrXcQFBVU8gyo9
1HBsFJ9VngvMjaKZjbFhNRaegkjF9NBEe -> 1qA59Na3WysruJbCPoomryDRCtJ4f4aLu
153jMRXn251WyxT9nmJW2XDsFUJ648jyY5 -> 1PfcpvjYUGu4yvpkEHmAKgDXtsLfSNyzvV
1qA59Na3WysruJbCPoomryDRCtJ4f4aLu -> 18VZG5Dr8bYJWadHUgh7kC4RPS1VsvH4Ks
1PDgY5PkpBNCZVWKKAq3cbGyqvwwN91z4g -> 1Gwz14Cty45h3hZ4nCEno6jSdxtQn5bc7h
16bjY7SynPYKrTQULjHy8on3WENxCmK4ix -> 15M7QfReFDY2SZssyBALDQTFVV1VDdVBLA
3LD39qD1D2tuRDs1N7kojtqVdEf9MKASXJ -> 15ymvzZR7xs5FkhRXk1JR4ufeUxukoQyuX
1LTZ9kaxRHBZH43eSmZ2KoGLHHUBV3P2S5 -> 1PcExYX3mUJ1rwa4aTLNJUpxqRLU8MxPXm
19o4Yjrd74qnZ3z87C67BShbbF4fSNHy8W -> 1CoyRECWJ4LHNiZAgAz9719chFkrDJuNMC
16bEpxSc1FDyQDXR7ZYKbyyDDxzyaaCnNS -> 1LkwU9xbVroLkH9EvxDfmMnsCikQzaUv9S
1CRWfJdgVrfKLRS4G3vTMRhEQrCZZyHNMo -> 16FKGvEtu5KPMZqiTK4yjmsSZsJLyxz9fr
1KEkEmadjTYHCiqhSfourDXavUxaiwoX7f -> 1JQ2shEPzkd3ZL3ZQx7gmmxFLvyhSg14cb
1V8tWZw4J3G5kBgafGsfoVSNQEgkxDmeA -> 1L5pzdXL4hhtMHNxFXHjjdhhSidY9kJVRk
1NPSWKXdnHa17NWTU3J6nVkyogZjmAh7N6 -> 13wY5CtwQhd7LYprEpFpkt1g9R7ErMkAwT
1AixDffKCd1cV1tz1sp8fwJQDEAYCWzQcR -> 1M5jhEDKQCYbMCXHgcRUmaxwqYmcbrEfGD
1FAv42GaDuQixSzEzSbx6aP1Kf4WVWpQUY -> 13qsbkaJM7TkA5F2dsvHeGVQ7kCo74eGxh
1H21ndKEuMqZbeMMCqrYArCdV8WeicGehB -> 1FNF3xfTE53LVLQMvH6qteVqrNzwn2g2H8
1Poi5SE42WVR2GKPrwp9U3wYqEBLN6ZV1c -> 1DBXjdbMWXmgt81E1W7AYRANVPiq12LsGd
1LdkWzq9DxopPkY1hCmQ3DezenP5PQLNC3 -> 1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5
1JvaK7jYWFNbDsJZLarXnq1iVicFW4UBv5 -> 137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot
137XrofaWZhaZW2uB7eDsPjcwCNMTXVLot -> 1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ
1D97u8Pet8YmNwKaCPUXLyi4zk1HnLF5RQ -> 1G7B5eVnAQgeuGrKxcRnrmEqPLsjRkgnVF
191XapdsjZJjReJUbQiWAH3ZVyLcxtcc1Y -> 1CcSiLzGxXopBeXpoNSchagheK9XR61Daz
1Nk6a8ZfN86gaHJifcF8iGahx4scCKkwF5 -> 17hMEK4i8Nsi56huBU4i9N4Gjiw5G6X5iG
13Q8rTtdGUUt8Q8ywcEffj4oiNrY6ui3cu -> 1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw
1GRdTKgSq5sY3B4PiALPjKTXSXPXs6Ak7X -> 125PcPD4QXzgDwNPForSFji8PPZVDr2xkp
1Et9zapAxsBLJ3bvY7LDTuHif5cH7mZiBE -> 1AoocdeZC64PaQ15Gbv1kXyYYnN8FWXAST
1PVn2gxgYB8EcjkpJshJHfDoBoG8BntZWM -> 134Kia3XhZV6oXE4EUvjc1ES8S8CY7NioU
1E7kRki9kJUMYGaNjpvP7FvCmTcQSih7ii -> 13eYNM5EpdJS7EeuDefQZmqaokw21re4Ci
12GvGqEQuQTW4Rr8dZ1o397KAYCMGWPYkq -> 16bEBNuc7JQ4QzyoFAkmxdVvW4wJqicjVN
1E4yLggKcgHcpSKX336stXWgheNU2serVz -> 1HMGSkDB9ZhRoUbSEEG6xR7rs9iPT2Ns5B
1p4gsrzTc3mFAgJKYqMzhm6UsJzhgy1KX -> 1CSMVivJfFynvbZRrLFHVGnehpXLUjdGRc
1FFAdm2BWoCfTkTwFLJ4o3b5xG7cuRxbWb -> 167dyxowdWwBdofck3WuAwvUpVfn2ewx8Q
1J1ZPHbbEwgcwniH3F7AgBeFZxQXJoKCGf -> 1CRq6nj3a7vXdJJN2YSWdW6fVwydr6kqWs
1KPDwnrzJAfD2V4oiPf55WBTAi6UJDvMjN -> 13CnacdjvuuTJkCWrZf33yMrQh5aVX5B14
1FDWY63R3M87KkW2CBWrdDa4h8cZCiov9p -> 1LsFFH9yPMgzSzar23Z1XM2ETHyVDGoqd5
3Jz6sH2ZE4ey4QzingeKaUNTjm715RLfKs -> 1MRpBEdFqWK2qCYm5o8toa8BRUN7c3SQVg
1JuP7JXhHabGLVAqp9TJj5N171qLVHrcVq -> 1BwjscJC3P47uW5GXR7tjeHkdXQk6CuAFb
17Xok12pBFkXxNcE8J4gTSm3YKkatyX4ad -> 1NWCqz8nr8ZRZt1zEKidyWcZDyNtK3THps
1EGeEk4YUrXyDL4zNXpWdqJopoVxs2vExJ -> 1C9HtVz7H8NArfV613wQNHs4PrK2oLZEYh
1268xJ8iYUdRxK2vArkyoa5es6bR99hjhR -> 15XWgB1biKGd1JyuYecobfFtfBcVt6Jnok
1FBxoyGYaC9GEKLokfyrHUbZyoZmmm1ptJ -> 14JpZ9Bogo4p83xt6cKS1Fh1rLSFRat8PN
19aNbfFfZEWwstuy97C1GsHHELNCxZSEYV -> 1DT4Q4ocUFgekXvBqBM6kFmvQYB6Y4PnHo
1HzJPqLEpbeXiYhyoA8M8cuuds3FEAnw3B -> 17kYPYbELyVfMSYihD4YETJSZq5yCs3diM
1PhmMsdwamJA6soKw5mNMXxzGomHEHWY5P -> 15RjQKt6D4HBn87QqgbyvhKFNDDjXncp8Y
17iLALAyra1W5KSUjjkGN5LeUsWdeoQQx3 -> 1BVNt39u32LLkxMvBeBHXXNaTJqWe1Xcu5
1MB3L1eTnHo1nQSN7Lmgepb7iipWqFjhYX -> 17iqGkzW5Y7miJjd5B2gP5Eztx8kcCDwRM
1K79KaFs4D6wqz1wjP1QoYiY18fw8N3bZo -> 16eePivj1nTVvLpBGkmFoeGxNyMU7NLbtW
1E1rSGgugyNYF3TTr12pedv4UHoWxv5CeD -> 13FzEhD3WpX682G7b446NFZV6TXHH7BaQv
15nXjzf8EXy8Lji3czM1HAVw14mEKoEiTw -> 141V8fK9Kuofit8AXh9SLV9N9bLTfftETA
1LFGKkDZ21FZVsBh1A1S5Xr6aXuV3x9N4k -> 1P9ZZGDG1npYd4d7jiCfPya6LQGkF5sFm7
1LGUyTbp7nbqp8NQy2tkc3QEjy7CWwdAJj -> 13JNB8GtymAPaqAoxRZrN2EgmzZLCkbPsh
1FEYXtchFFJft6myWc6PyxLCzgdd8EHVUK -> 1FXi6kEJjnZUBqpwjVJKPsgVHKag86k6qq
17A16QmavnUfCW11DAApiJxp7ARnxN5pGX -> 1MThTn1XmUYcUtBs7GPdUBB7cmZWr2BPft
1MbzspFCdXjtqAUx3t6A11vzrk5c847mvE -> 1DHWP6UjSKBBUR8WzTviWAGNgLfDc6V6iL
1NbBTJQ5azGEA1yhGnLh39fE8YoEbePpCm -> 1Ads6ZWgRbjSCZ37FUqcmk82gvup1gQurB
1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1 -> 1NHvPBaxKFuDec27mWcyCf7szUUvNnfimK
1LdgEzW8WhkvBxDBQHdvNtbbvdVYbBB2F1 -> 1Kap8hRf8G71kmnE9WKSBp5cJehvTEMVvD
1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5 -> 19T6HNnmMqEcnSZBVb1BNA6PrAKd5P2qZg
1Frj1ADstynCYGethjKhDpgjFoKGFsm5w5 -> 14XxBoGgaJd1RcV3TP8M4qeKKFL9yUcef1
1LDqitspsYaiLH6AMW5EzJYuZG5vTGzRNg -> 1Lv6T9RegiNHpES1DHu6AasDcUqp2SeqLb
1MywYg5vwBk2G5Wkmfh2Mo26j1jFTADCkP -> 1L2CdFdZUzYLwXqmWffJhkwamtDXwr6NX2
15WLziyvhPu1qVKkQ62ooEnCEu8vpyuTR5 -> 1MNhKuKbpPjELGJA5BRrJ4qw8RajGESLz6
16SH69WgJCXYXWV58sxjTxonhgBh5HCZTt -> 12fcWddtXyxrnxUn6UdmqCbSaVsaYKvHQp
1C91NNyzXE1dBC4dDKjx6y5VnhihifrpCY -> 1HPnYqbMvV4bGRcpSP28mMyekhjKiudcFY
1ESkNMa9Z37of4QdJmncvibrXxZ7suPjYm -> 1Gj2uRnxDztM7dTDQEUQGfJg4z5RtAhECh
14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk -> 1HamTvNJfggDioTbPgnC2ujQpCj4BEJqu
14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk -> 1DvtF6X5b9cBrMZa4Yff9tARCLqP5ZyB47
3BHsbqZnUGM5Gbwsxe7ukk8NJc81kfhY8Y -> 1MH2HaDcKYBFhdBEdE4DKoXZWVdtEqMRag
3BHsbqZnUGM5Gbwsxe7ukk8NJc81kfhY8Y -> 14nuZCWe76kWigUKAjFxyJLFHQyLTsKXYk
1ENCBKFsqxJVCqR2TS1WfDV3rDi6zA8J6Y -> 1NzWscae8v3sKmTVJYwq8yhkizK8hUS5qP
16oTV1jZPJ5wm3QLhN96xVF7DchihmpL1k -> 16nXouTPm5gVedr4Betb8KRWLSBtmXGUbD
1Lp93D7qA4E7rzFD24LsAD3STbVypxP8Mu -> 18sgB1rVs5FSNCD2KDoNySA1wfnirAqdot
1ERdvKTCxP1gZvdNndLKtYotW7qpR3xhuQ -> 1FP8j4zUPoJkpKwYpd8zYGHVaKygRHzx3d
1BCvHvXCceu1pfXgqyTegzDVTiG7KBPUrB -> 19e7wSvRggJdBNLbjJwiB7K43J1PWCyGa9
19Yyqo5rsKQQLQP85LcqQkttRAAY87xwPk -> 1AaDf5H3LWgS6axUXRaww8tZmHqZTKK6D6
16nH7UJSSabJLadDGhFiyxPjMp7zT9Frqe -> 1JGA2mTkfPw6wKn5eNZ5kBJ3iN4K62HScA
3BTxuixRkhMQfTSqCLmq9Wn4jJ9H3dszhX -> 1CEvDrbju2qx4DW59C1Q1ZhvzoqjxJ2YX4
15hMTbxp2Z6dwFKDKcHkm2tnu28gR4994r -> 18zHNXq7UZV4VfUZjqdaHNbj8K5G6YFu4n
1ELZAjiXwZsmrqbvakVJzG6RRZtJDhJ2Rf -> 1LNGJ64rL2KA4VEMGRFBA5vSqaxpTAR7fv
14Ca26QMhDoyZEhmAUbadBHSMtynuFDFEr -> 19ChjJDaqhyPzRePyCwJvAUAcWsb3jwYne
167ZUAUMyeKbsXNDP4S5g7ey1MBucipm5e -> 1FiMHBECGC6QnbH93BgfQxA1BbjmoNEdDZ
34zQQeLLjmYNXdrWehtSmZb8fuP8jLZBqc -> 14dXxWwfg8MUiDpVbF8gg7WoCvxCFgfuh9
1MMBdLWiAK71oevANJrLHXXKAK8bZrPtqx -> 18bRpCq7yDccXrhy49ayv18vBQy6TjLtxV
1J2FqR94hjiriJoFxbN2apw3tyXZZvmdrm -> 19RtmcuK6Uk16uLzFSg23FxfWGCS8Eaxao

This concludes my checking of the experiments OP described. I will do a few follow-up experiments myself and if I find something interesting I will report my findings here. I also added all the results from these experiment in my published sets of compromised brainwallets at https://eli5.eu/brainwallet/ (which reports almost 19k compromised addresses).


Title: Re: Thoughts on this private key stealing mystery
Post by: crofrihosl on October 07, 2019, 02:14:57 PM
sha256(666) leads to 1Az4F5yC19WZt5XMuc6x11xJM81VcJyHQA which in 2014 received 666 satoshi. Hell, that's funny.

again reviving an old topic google brought me here :-X

i run my javascript that iam devloping
SHA256 (6)
1JmrvhqYP4EpSRAhuKkn2NtmPvPNCxA9Kd
SHA256 (66)
1NDx9Sw74RYP5EA6iqgb52C97ncswCy2kp     
SHA256 (666)
1Az4F5yC19WZt5XMuc6x11xJM81VcJyHQA



Title: Re: Thoughts on this private key stealing mystery
Post by: Bountyl on October 29, 2019, 05:21:05 PM
Tell me please. How did you automate this process? What programs did you use? It is also necessary to copy all hashes, check their addresses...