1 BTC stolen from BrainWallet due to weak key

[GuyPaddock]

I did a transaction yesterday using http://www.bit2factor.org/ in which I got about 1 BTC total.

After the transaction, I used the "sweep key" function on Blockchain.info to transfer the funds into my own wallet, and it looks like it moved it to my oldest address -- 1Gj6ubnVGcHcPMmBEhvGXhcQkpusE4vH85 -- which was originally generated as a brain wallet back in April 2013. Before the transaction, the wallet address had a zero balance.

About 4 hours after the sweep, it looks like someone came in and nabbed all the funds and sent them to 1EnuCnYuYadPAp1qTWj8rWxZvb9QQ1vFKz. According to the relay information, that transaction (3a19b0d36c19360cc0794de9b44b2fffd5a1a3a1a0322aed2b033b98f8b957a0) was relayed by 129.132.230.77 which maps to vbitcoin-08.inf.ethz.ch at ETH/UNIZH.

My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds.

I am 100% positive that this was not the result of a virus or anything on my own machine -- I'm a software dev, very cautious about what I download, running Kaspersky AV, and regular scans.

[1714659050]

1714659050

[1714659050]

1714659050

[1714659050]

1714659050

[1714659050]

1714659050

[Moebius327]

brain wallet

[grue]

My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds.

the RNG flaw was only on keys generated by android wallets.

[Moebius327]

Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays.

[GuyPaddock]

My guess is that back when I used Blockchain.info in April, it had that RNG flaw that was discovered in August, and now that I was using the address again, someone used the key exposed in the prior transactions to grab the funds.

the RNG flaw was only on keys generated by android wallets.

Not true, the Blockchain RNG vulnerability in August was on the random numbers used to sign transactions. It was using the same R value for multiple transactions with the same private key.

[GuyPaddock]

Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays.

30 character passphrase. It's a sentence that starts with an uppercase letter, ends with a period, and contains three words separated by spaces.

[Moebius327]

Can you give some details on the password you used for the brainwallet? You know some people are "mining" brainwallets with weak passwords nowadays.

30 character passphrase. It's a sentence that starts with an uppercase letter, ends with a period, and contains three words separated by spaces.

Not by any chance a quote from somewhere? If you find the sentence in google search you have your answer.

[GuyPaddock]

Not intentionally a quote, no. The words themselves do, of course, show up in Google.

[GuyPaddock]

I will wait to see what Blockchain.info says about it...

[GuyPaddock]

There, how's that?

Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets.

I just hope that at the end of their research / proof of concept, they return the coins...

[prezbo]

Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets.

Them relaying the transaction doesn't mean they stole your money. I'm 100% sure ETH had nothing to do with this. You should maybe educate yourself what the data you gather actually means before you start throwing such accusations around.

[Rannasha]

There, how's that?

Seriously, though, it looks like the Swiss Federal Institute of Technology Zurich is running a tool to brute force brain wallets.

I just hope that at the end of their research / proof of concept, they return the coins...

The "relayed by" field on the Blockchain.info website just shows the node that Blockchain.info received the transaction from. And while Blockchain.info is well-connected to the network, the vast majority of nodes are not directly connected to Blockchain.info, so a transaction may pass through several nodes before Blockchain.info sees it. "relayed by" only shows the last hop.

The chance that this transaction actually originated from ETH Zurich is rather small.

[Moebius327]

Instead of blaming people for your faults, you can ask politely who cracked your weak brainwallet password. Some people will return it. Also inform yourself what a strong brainwallet password means.

[TheFootMan]

If the info in this thread is correct, "Swiss Federal Institute of Technology Zurich" should be removed from the thread title. If blockchain only shows 'relayed by' and this is the last hop, the chance that "Swiss Federal Institute of Technology Zurich" is the culprint is fairly slim.

[CyberMOS]

,... running Kaspersky AV, and regular scans.

answer

[EuroTrash]

If the info in this thread is correct, "Swiss Federal Institute of Technology Zurich" should be removed from the thread title. If blockchain only shows 'relayed by' and this is the last hop, the chance that "Swiss Federal Institute of Technology Zurich" is the culprint is fairly slim.

+1. OP please fix subject.

ETH has a lot of computing power and some very fast relays which do actually strenghten the network. Someone in there did a thesis on bitcoin last year. I think there was a thread on bitcointalk about it. They do not mine but they run full nodes.

[GuyPaddock]

Very well, fixed.

[TheFootMan]

Very well, fixed.

I'm sorry about your loss. 1 btc is quite a lot of money.

Did you figure out more details about how things happened, or have you written everything off by now?

[GuyPaddock]

Instead of blaming people for your faults, you can ask politely who cracked your weak brainwallet password. Some people will return it. Also inform yourself what a strong brainwallet password means.

Well, I haven't used a brainwallet since April and don't intend to. Normal private key is, IMO, way more secure. Didn't even realize I had that address still linked with my account until the funds were gone.

[Patel]

Very well, fixed.

the coins are already gone, what was your password?