Private key (privkey) hunters - unite!

[robolove]

My fellow crypto hackers. I've been into finding BTC private keys for a little more than a year. I have slightly less than 18k private keys in my own database.

As some sort of proof, here are 50 privkeys - try importing them in for example Electrum

Code:

L3wtCheT3Tvchz6WxsQgVmYopxDKBMxXKC1UpLnVJzEFi34maKLx
KzGk41jwqyoqJN3Rsbv2jDUKQBWYfMLnAke3F89U5oWwf3cauWP3
KxyHuRb7SaTkj36ynts6S58EtFYWDkwcLc3E5WpSdJkcVwgyFgaS
5KkjcrNnP1avWB5g2PimyreVdX5FN8e91UsyerK7z5pGcf6WCYD
5KknpBbehjZ4DRBStfMyd68VNP63rtFHusYaNuDqaE78N948ALf
5KkkZ48EaBs5gmY7W8pAb1cu1KHXVPH4xujT6vmyuYR4WyZ4tmn
5KkmcE7NJTSF9As6we7upSkX9dFxBq9eZNXvfNtyyaKmSbG9hUz
KyEq2YmegzAtz4ADyVowX3fqpvXUinPuTjSknsp218U2zY1Qmi5G
KyfaCbfHkzToiBpawkT1ik3TjQjFfaztgyDyzRHmgGEyz7dTArU4
L4G94NBReR1ZwRkdMSLP41nKXiooLxF9u6YVGp1uPe1eDVeN7qB4
5KkmYchw1wBKCzdY7G7tc5WF6WY5PkCmZxHXi9kYfHfyEWqY1gp
L3uSFVXSUretVNDccCBDPjLSSneCcXaeZPTfe9FS9s3SKAYfdeL6
5Kkjh1TrXpfPQGiEMcptaGBLf8h1KUbtn3n86dmqUoVqPfEfb1P
5KknEJnLyFiGgbUE6ciiGHMQez7o1zW4hMo4VZLpkdSsowuUgPQ
5KkhJ2is3EW8H56n6AvgqT1kWqWh6YhM4KM7ttfjdzrw1qJRyju
KyKQRUE38VFV6iVuX4yJ7GCGrRiquhTSoV3BLmLvCqF6RPXan67Q
5KkkCDvzfsxwTF4NQWsPNdd5ZkcgcGviZWevvQqfYp3ex45VypG
5Kko7c8fGKVSChc8PWJnzEFxXwVTvWJHZVUg8nyGmy3U9DXRMPp
L49HFoB1iFEvzXQn1agpggYGENHTW3khEL4rRArYrcWQcm1iXw4n
L4bSP2b1tBvwnuMrDoZm4vziWhrbzwBtwrsVwmPJqTDUWxCXJH6q
KyAFnDsPNN7DypKeS1wsT6Qzx9A3qGd53uWNeCuvCDjumYEPkoPj
5KkgzEYsJbifwJuqxTPSgkUGstYwX5HKPFucrM776qCwoMdwt59
5KkjenRdxoneEU8Mi8QvRFNuA6jPuiV7Wn9mVobsJiRB2uDXYsN
5Kkg2t2deWnTZrrSRG9jSByMDFKBxQvtYmPd5mycR6DFZHtiQjY
L4XnHhvLC1b4ag9L2PM9kRicQxUoYT1Q36PQ21YtLNkrAdWZNos6
KzK4uyoSm7Bdf3p91P4zVhS4cM4Pq87oCegWf4DcPrqiUDsLfDDt
KyhAKoDY9bfS8ckz2GapefFZfCKMgYTTb1FV2uH3LW2UjvY4xQTM
L3iDb3whFacS3pXFtcJfFLrxpBdJPHL5hUezgMAyYhPzEQhixgKN
5KkgNphSWbFy1r4Eobq1Pbb8kcG1geUpasi597T317HGhP8pYBe
Ky593tmxMTKEs9RjWvZ7bPMNa86wpsxm6di3X48kj4qpPaAj1ygs
5Kkk3dG43gJGHm4SaFC4qRGF7MYG4ShZZ8ESDSiKti1nu71v6Z5
5KkmVdDfTg2QnsMPcyqzbLLX7bZJx4nJATRyLJ9WXy6zDvYwaTR
5KkhGSzfoEaaYdKKeJuq3A7tmPzQdGYxZT2rm71XCAezxn8j6cT
5KkhgqewuqUTXSXZK4oTDi6rg4MHLssE5bh14oZH9NDRrwVdRvJ
KyUYJCbdvkdqWv7csuNHKWsGDcCi5YVXFaP2kfXtDpDNhykCuF6h
5KkmnJwzHL3kTWd8SAkssLmB2yRgUyYoA8X6jn73yfRxHVJYsru
5Kki22dZ3p9mLHvamV9mozC6ypUpq9ZSBa977eaYnec4EdkTLae
5KkhmdqyvaQwuhQ1cfQJCm1xfW4NXV6iDVRuRmVhXMPzGoMEm2s
5KkgASK9mPUrLAogFXZ9cMkxdkP1LNPEoFDVY2FfT64wBQs3fox
Kxk1JRsf6x1aUzN4Gff8ByFX3Jn7XP4NknGZoV6ovaEEVVJF5txf
L4QXUpcMgLC3NxrHgA9EpwAd5pRAkJfh2TvhYATXTW9fgnJuCWRn
Kxntb6r9WjUSJvajfKPWDrJvMVake5J4hBwEd5c4iGepHTbwqi8r
Kxx7AQStazNq2bhBb9nMpfZCKcdvrmKaEtUFskzcmAtVU94Y1jj4
KzedceVxZmamK3KwjpHisZkL7FWUmZnBMZQJTzAWzwbE7zwquaMd
L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1
5Kkg7F7nvwy8uKtQsaKZWr9FGPMnM4Vs9nf7LuBXRdxUGZyMAtm
5KkizbG8giTgVgMgS9t1XMHNnxoUEEa2WkB8e1EoArYsqUoGDku
5KkjX2EQbKW1kJk9tRvgvbKcWxjhSicy2DUirQZSzTJ4M9Vd3UD
5KkhNgCMwzjEF7sCWXfKx7v7DHtthU3Jk6jmHHx5AaFnErA3Dzp
5KkmMUpsjKB3gKWzvDA1gsbDFsLFE5Z9H3JRsNSdVSsNFeyJU8D

...and you will get something like (sorry, seems like I don't have the required rank to embed images):

https://imgur.com/a/NwN6ZWA

The vast majority of the privkeys I've discovered are NOT from brainwallets (i.e. weak SHA256 hashes). Image search for QR-codes was nice for a while though, but those days are over. I have a couple of other techniques that I'm fairly sure anyone else hasn't thought of.

Every privkey in my database corresponds to a BTC address with at least two transactions on the blockchain. I throw away all "empty" privkeys.

I have a large Bitcoin Core wallet containing all my discovered privkeys. Five smaller transactions happened within the past week.

Anyways.... I was thinking maybe someone here has the same hobby as I do? Care to hook up and share some thoughts and strategies?

[1714135401]

1714135401

[1714135401]

1714135401

[1714135401]

1714135401

[1714135401]

1714135401

[1714135401]

1714135401

[BTCW]

Ah, we need to connect. Been doing this for a while too. Our database is bigger than yours. Also only with active privkey/address pairs.

Here are 50 privkeys from our database as proof:

Code:

5HqjFMbKYBDkNaMWh28kTDVdVDS92iGMUaYaqZfD6BgtBiJdDEp
5JEqF9q616S2J8wvkqWiS5kRYXQ3bPQZeaGRLQnbLWNjhXgupV8
5KkbVvfdZgo81Ed5cmaUnSoV9rZUUH5Pme64SvyhFMciRNWw7Br
5JugjZ9dkx2iw4BcwaSGTrsjWBDjSUj8UFBT1EAdfeDwr3qAM1C
5KAqTDTh1MMNUzKYEUzbsraCuqoyoSPXsceuvLNpGuG8KsWS5hT
5KTWLvEt5kUbuncgsDbpiD1wVHpgUt5mwkBf33nzPz8HqYtpWZk
5Jk2kCcR2USW1bz7KrTUdFnQFumeF8r75D2FP4hQox15DjJJHh5
5KDL68EydtbEcaruSzjoF6AgULSc65Xr1nYLMPmjt1y49Jt89Ac
5K7pEPzAy2UCRiqwsvYsC2mmW71L7zVG375d91xVV3JFGKaK95a
5JwhBgLg4Q4ibeQX1WHg7QeSiAMr1g8iDdUmPq7a4rhcqNCHfrS
5KGfoYwfC5bTwq5ikrh2ogSSMF6wAaFrhey4XKBR3oDgjkNfx8U
5J41txQF7LnZfbM8hyjhtWajQURS2cW6MRXJsBFZ31ioRapQXgd
5JTrV63hLLJBYJK6RTJAeeMaAiT8J6ALkZiXipEKqDqML2pnexm
5KBw8geEmZvxQy7QEXCN3HQQ4xQHiRXHPNwxisfXo3DrYTb13o1
5Jkh8RtZfSyibW7Fg9ghvyWFPLpAY9HuJrYM4ZCrPV2xVfFB6sS
5JbNL4aoR47MTi1JHqvaLvmyZLB6inzEu47EyoCq5PKkuVmCtot
5HzZLc7c5fDqdgpeqtt18Cxf8B4eFeGQ75mv41TtvXfjib7TuPy
5J8Pm1bTSP6vKcSCM86eUGjJzwp6mnMDuntnGkdE1ppTuWtScMz
5KV3TmCe8y3HEvTgMw3HKBsFQL6bqy6aNJq2XUp2axwZypGN1d4
5Kj7J6FYUAWFGf99no2yekFsQtE1SoPMTZAd9UzcPxmS9W3M1C9
5KADagUo4C61iiU6zu9CepXVLQ15zr2xbQqEo87eSM3tBhgX8bS
5J1tKVe5U5p7kb9CWzoNTKtvTDfGW6y4JaghwasG4tYpShS7446
5JdxDxp2nnXuwW1MbHEFTtzMJK3b7h8Zr3DuS97C8ygh5mXam1K
5KgcjryBVuU1bZ2ipxo3vc1nT7NfTn4VWxy2rjBzDwGdV9UuM9D
5JoyWcjc4sRvpf7jbGDX24eXjMbbQSSnp5tNtzRbzs2ih8sJe9r
5KEtzcrzEB5S1sMuwxugHhN8nwRkL3rMQ9FNWMRkZ92zhL88bzK
5JE9GXzBjy2Ji3qnpCtfe9jWVHfKDuuDYKFVDaT8AWZfQvwCo1S
5J4PwYT4MuVbgPL5Ghu3mTPHa7975zDmLgyX3xdyx9Wuv3Fp7dB
5HqQU9fwJtkhuka7Y3uV8c31r7J8ArsyBLU56gPiEgMtRuQoQ5y
5KQ16mAE1nhtbisWzKxZKmcJmeob66ExqyyaP84Sj73JiHptd7L
5KK4fARR1vH4su1G9EshGMREXqaKsSjyCATq2xjymkzMuRqsBi8
5K17KnGFxwkj26cSWfpVPWyYcwqy7RD8SJcQB7PXDXt1gfKy5AF
5JXCQxsFutYNWY27PJvLQbBYng7B1rxka2bJnNJfrQcfVMdGo61
5KjURv4rjxXmRNXQNLD8x1AvZgX4HnPd5WwikfrbR2jawDHygTX
5KgpLmHnBnpNoeWD375pKcZGZbubGJkHpbhmLzhJGDoiF9hW18Q
5KQsJWxRkBfV7yVXZcT8omgMQzwXYr2NwrD3ZodZNyvhFzQWjfk
5KSTzQyGc5ekPrvtW1B5w3pVJ93ssP5QRsckpCMtpMsr4o3MWTS
5JyteyL2geGfoXNi1tW9Uwpc2H5XhDuZmUcmetdnuyeJiSycXmu
5J8ZdKTSQbo8r32JnQu334cyUjvJiXuq3Z2UMt5si9HYK8yeWYH
5JEYp28eKpBeqaGHHyf4VsCzbC9q6DFrerjmQewKq5KQx3q3QRE
5KMGY6oNUwS23HbRt9gFGZBZb9jXfEAJhV1UR1xGzuHdkC4BJ6o
5Jj9Du5iZtdePsze1NZG76LMC2ya2P1qMEYMxUtMh9P6wXicy2N
5KdS3ZRkUvGPsS3fmormqpY7nNxhmioXe7hEDdwHHgE2PKgSd43
5Jov1JmwLbedz4HkiqtkM952gqyHf2kjivh8v3qUEDJ2G4KmHda
5JLrkmZYtR779HprB4phTAHLCsLsCCLoC6zFGGiSSJ7SGpvEbcP
5Hyz2Ud7g3DiihuggCWmUYHLcj3XHFqmZdcYPZTHyVB6k7MEjyF
5J13KY5KG2EKW2RZt3Gt8oGc6dutAdZ1vTFjZbzFTcLNvqxxV8J
5JF7SHQfMEFh47PpLapF9K5aD1J1Za8x1VE5MhF1jYah64ZGb4n
5HpHagTD47SzTgAmpFPK1oo2iV93SHaEvrDMkyzrxubAU3ezcmG
5HusZ9HBQochkGzmLDfoNUdvAGv7f1LA6GMWgTHu7fwx9dAgqdL

We didn't include the juiciest ones here, but there are a couple of tx from the end of last year.

And we - on the other hand - are able to insert images   Using the privkeys our list above gives:



We agree that Electrum is the wallet of choice for these matters.

Sooo...... where do we go from here?

First of all, there has to be more people here who are into this kinds of research. Make some noise! Or silently join us

[morantis2015]

As a company, we obviously hit all aspects of BTC, and we have had a great amount of success with collision.  We run these for our investors and we have a strong set of rules about importing the funds, but we have seen more than 1000 BTC in wallets that we found using private key harvesting, so it is a viable method, although morality is a nice sidebar for the use of these techniques.

[neo_crypt]

I found privkey hunting vulnerability when analyzed Bitcoin source code at 2010. I found new ways for vulnerabilities & bug hunting when research my own practical PoW that defends from brutforce & AI attacks. I joined to RSA-576 Factory Challange when nobody knows about crypto future.

[Joel_Jantsen]

My fellow crypto hackers. I've been into finding BTC private keys for a little more than a year. I have slightly less than 18k private keys in my own database.

That's interesting. What are the sources of your private keys ? How do you come across them ? What do you do if you find a key with addresses with some notable amount of bitcoins ?

The vast majority of the privkeys I've discovered are NOT from brainwallets (i.e. weak SHA256 hashes). Image search for QR-codes was nice for a while though, but those days are over. I have a couple of other techniques that I'm fairly sure anyone else hasn't thought of.

I know you wouldn't share but makes me a little insecure if you have established 'ways' to discover private keys online.

Anyways.... I was thinking maybe someone here has the same hobby as I do? Care to hook up and share some thoughts and strategies?

Me too.I'm a rookie though.Started collecting private keys just 2 minutes back.

[robolove]

My fellow crypto hackers. I've been into finding BTC private keys for a little more than a year. I have slightly less than 18k private keys in my own database.

That's interesting. What are the sources of your private keys ? How do you come across them ? What do you do if you find a key with addresses with some notable amount of bitcoins ?

The vast majority of the privkeys I've discovered are NOT from brainwallets (i.e. weak SHA256 hashes). Image search for QR-codes was nice for a while though, but those days are over. I have a couple of other techniques that I'm fairly sure anyone else hasn't thought of.

I know you wouldn't share but makes me a little insecure if you have established 'ways' to discover private keys online.

Anyways.... I was thinking maybe someone here has the same hobby as I do? Care to hook up and share some thoughts and strategies?

Me too.I'm a rookie though.Started collecting private keys just 2 minutes back.

It's difficult to talk in general terms about my sources of private keys. I'm not sniffing networks or breaking into other peoples' machines. Nothing illegal. It's more math than  networks, if that makes any sense. And I did mention one of my early methods in the first post - searching for images of QR-codes. In 2014, people would post pictures of their paper wallets on Instagram. Don't do that.

I have so far never had access to a private key with a life-changing balance on it. The vast majority have a zero balance (but all have been active on the blockchain and MAY therefore be used again), and say 1-2% have some dust in them. I've never moved funds from any of them. But honestly, if I stumble over a privkey gives me access to say 50 BTC or more, I don't know what I'm gonna do. They say whoever has the privkey owns the coins.... quite a moral dilemma.

I once found a privkey that had held close to 530 BTC only a month earlier. In one way I'm glad the funds had been transferred before I came in. In one way not.

Hoping to connect with others like me. I'm sure you're out there. I'm not entirely sure what we're gonna do

[LoyceV]

try importing them in for example Electrum

BE CAREFUL! If you accidentally use that wallet later on, someone else can access your funds!

I once found a privkey that had held close to 530 BTC only a month earlier. In one way I'm glad the funds had been transferred before I came in. In one way not.

How did you find that key? Of course, anybody can just post private keys, and I've done that in the past (see here to add a few to your collection). If they're used and you don't care anymore, it's not that special to share it.

[robolove]

Yes - BE CAREFUL - never use privkeys found online!

Such as these 100 privkeys I just generated with vanitygen

Code:

5JeytVw1hq6hE5zced4wBY2TVbNpEwHcZGrkeGqJrdCTaEJXZsg
5Jm4tdnKky6gK5osSydiZWBuvWGbtuHBsZfhpmgopTXKRLrfEEw
5KNhJtFqav8XjWRK9VEBThctsJq4V21Ezep1SZfQoiGUCYyjRzd
5JjDSABTLchtT6NFRvwSBxsT4w2KEhhKixFP4JsHAVL5tVbsdwo
5JPwK3V2EqxqLDb2RMhMNeAPksS6xAVbA1wNpcSravHrPVe9dm3
5JWeKSM9iTNWgRjDasp6PJdktbfEAcrLtrQvA6WXS7hGWwExkM1
5KZJRf9fc8LBMhH1oqYXTExSXb9UorrunXAHe99xKz3hYRfVQ1q
5Jf4oAvgHcgvkKRQF9cQ7eBL9eMACyyzEXnpWWfufDkEHYSpJgB
5JzJutUnYq1yaoQC8npnj2k5qLQvzvhZ9CE2HtyZdGaZGojDJgJ
5KDnWdGGMJeaSWgLH18Un9dXat475pzTrtQTWmAnYGMiLFzxoZ8
5JsLSmdLBEQuFgsVzC9UyFh1MWUSpVcAc2GQbXaUFhLi9dMekg5
5JBAWEPbkQn9YRwXA8FyhE4nkwMGRBEyi2aPEyDnV14TNMSXn5z
5Hvor55FMYvx7ZBkEZ7R1Uv3YGKA4BU2VpbX3wY6zrFKRVVpQKv
5Ht4NaBjoMgdfxWX82urvwv4pzeuuJSHCycBRK6SdPXq13kioUe
5KEYmhsHxZtbR1uaD2KwCJ13NRrCA5CUVmUva8jGFpHPSmuenVT
5KNkteUtW15h5YjdkNh2dHQCKCVUpm6vyBaMaf9EHpvQ8GtyhoG
5JQCMK5QD8Y5JNcmvV4DLiMQJUvmXxGPuYYu4iEvgtU2xezNr6o
5KHPUxAzzjBobxjjsCmfdNzZF9d5rGQ1AZznRj7NNiiGmDbKMKb
5HqQubsY7TQJSCBW3F738fd44koJgL4UKU7FvUmhqSeroDeoqFp
5JhRexTt9PeSkyjhXKKzgKhcvQpmJHRHPpK6MS71hfVcjGqiTrG
5HpHzxdMheMg6nJaEnvmo4VoS1oUWJfywXBiK2WvjQD2U76Dboi
5Js8QrSrGhtSyDf341xwxsqSvp9DcvY8csx3YtnMLkN2VnjicwC
5HveWQB9UX4HV4vxZSQxKqekz3kEZpuGKjbGrju8ZyLJr7p5t55
5HzpQkwJRfeCpcCdorw2woJGhkyE574LhV9YQpn9WLgrfbQWRTm
5JzoA3iSnq8ny81UxnxpURqsYkPVuBDujAtswTF2QawxmRQ4tDt
5JJF2KF7tqqEDNwcJvZqZVY5comFFhkTnh3o7bDYTHiUY53ZLcr
5J2CKaQLDmtJigrFxPaEvHMGVPb1sGHpy3VA3jQyKYzF6dsFarr
5J2NthCxVeA8DS2urvchLkjuZ2isM48LbzDmDKcm2WHFJTTj2Me
5JzRyVggiWNvTPMATNDMNE5jnzDG4LCYpuh3hsy4qDhRyWwoJBu
5KarZxWkGRmVLkUwCFZLynpw6u93iHbxb7H1DqzSbeam9uXZ2Cn
5KPi7rRioN3kCMJe9C8m13ZucuaSaCvEjXPEzFmsEwwPLtfdeU9
5JGb4AhLHh2cSzfNhrj1idgt4YkcixCuyeBU6oQh2PGQVHBYe5d
5Jm7bSCn1kyypfNh36vmZ3oKQq9mQJ5qRBcSyUEDT7pYcBs2598
5JNWRqb4gtEkWtzdLrQ6khXgeuz3bcyoGSxpzX7D644baRxVbwb
5KfFVaZJecQAXMTupY7GxPuqvVXK2H3HacWxgcSdhNSTS1iACRm
5JB9n2c2F3d8WXRXprkodbUVkKqdL7FrDkLYyswcgH7HmpApsBM
5JQdRnEvzhNekAA3auywRpA2Y6b1Ba6jV1bfeQHAph4W7MVCK9k
5HpHdbrhzhWLW9uzfFd5xJN9NuMRunfWBnKFYdgs5NXozgJdAkL
5KiGiWTJZ4YetSS6Hgc7MQPMdDpjuo2yHAAm47uJM1ehmCrXuCw
5HzXLfk2hVAQSvYmtnCW9wziKTYNCBJzSUjN815UbgF6FH4xZuE
5KYdibaVuZqRx9ZHbPNFtKGWEaHMfZb13N25aELXjUYNhVNreQ4
5JyyWA15uG4d5ew342QLiicvYXzmviMES92K6uZo1nXzb1esSfB
5KJCGuPxyJwujDZ1UAuzmpKbT1NnqfdDDGjwpzSRRgCrJpLdviR
5KM4MTH9RSnvQEkqdvL1M3ePgH9Vn4uXh3QDeU2dYKSmjmRvpS1
5K8szo8kHyMPyNgmkdd11gbmBf5DMNyyy8PpQx32nErUzkcKYPJ
5KejwvTVym3Do13QY8zo36s5FW3VjK4WW4KCHrE8HGJUEmQGjjm
5Jx5TDzDUqdyw672sVuibEVkSpM1ui8LnvCthKTJWsFKgiitCxn
5KEki6RBNq7pgPJrgQcQZPGUmemp5SeAq4VWitL3Ht1sVC9m9UA
5HzXYknY9oEvvXwV6GRLNVHUYYc8YukcDDeBsqV4PFEFxJdBR9a
5KVeeDiLw4TJ5oqdokv3mb8BnRwGnXDZLGZcgBsMhqnH6xcLLcD
5K1cY5F3MKaPS9PNKU1VzfYs9ykw7dMQ1xfoz3CGXMjAsEL2rzj
5JB1kCRLgVbtoth6oUnjf5SUGRUCCvpd7a7pvGZHy4bZgbACLTp
5KGhwKx4mQtC6C9wUVgXyJmr8o6UJgjtswEeuSbezqeT8WbbM5d
5JCHtjzFkb14j3XRcF9eXnTdtSGFWc8wSacfwGmrPDze9zCTJJo
5JavkrN4vBXJiegLZiz919sYqHSFU5b99JEQXaZtfxybYmr8fDJ
5JBf2sriYPu658qSzmDARvdcS41FhPhkXiKpjCKjjsd6o9Sr7yo
5JF98c82DxGpXnRQz8aRTXdarTc8ANSCYZYkupjVi5mKrrvnmqc
5HwXEYPopuNyZAC1up8WmrjbLuuybNmWsuWz4Z9fjBUNcEH8VmK
5JSfWYAg4umccmTUKqe2JcHZHswvLUyFWfAJW6y8kERdcV1LeX3
5JHKLjozpc7sniv2mqYKXmpSR8SdAxhSSXdvzf3smKrFfJzWxKd
5KW3WX42TabBvBGxkhG85Kt6pG6WFJwJoUdL4MnHsfVz7WT7GE9
5Hsot2GTx9TsX1dHoZZy6J7f4c6vHxSX88g8cf5UdV8xmrJKJAJ
5JADZ8JcfMWVLnMv6Pg8HaNeZVMRxJSfbzEqJLfZeFxva7Sj7yP
5JncG8SYMeoCEmq2xgczZQ1wcxvDHaajkors2NhJWW9kaDextvy
5J1EpaFhg9STRRCNGeTPEqVAkgEpBEpnDvL4yjKCLZmUrL6koGA
5JgQGkfVrUL393jSC7V6DPHYRPWXRjLaA762j8z9ytkAzXMzMJ9
5J2Ds2ZVv6rdXjyLHAgzodUnMs2aR61gy3tg5iAaBdqRZZTvx86
5JtZkrByk3ccvxZLRA6tgtjpvXCT8FdpEFTX5tYz5q8KomFjkne
5K1LRqVU2hAkKYGoUeNLFNvTjuZykLX3tZf9x41htCa7R14omXY
5JXfjXV9B4FfSHLvZyNfesCbC6d87MuW2rx381eofyhaMEPZ1Cd
5KfUuPpo53GrRsSvygUWmkPZ3J8EXoRKN9ExjGYsTMYMAvBYvCg
5Hveoq5gMLExqDbPCkVh2RBLHVT5W6gw9qxjwai9EnGYE8h6nGs
5J2LiX4enLqmJ4ggagoFqKVMHa8xAEC2kxeY6fVMCEoevWyjtvh
5JUa3VA9MLPfL4gC3SJzkVfTwxmTipEdkJWN8Cw1xsY5QsgPaMe
5KfkxCHoAE9QUo6C9QkVDm1YtyyqscKk2aggppJzKhZi5nnmm6C
5JwU6zMzB2HJmhVuxLasNY7a5AVQRqthGWZRi3FPEbsdnFL77nA
5JsnDp3iwAj5SMRQW2R6rGXo65fkgZfW5CJxCtUJ1k16fjTWPsR
5Jt8T2wmk4kbjHqcpx8us2Hmt389Kc3STJ3ACo7mzEGobhZVKjz
5KR9M8nrq9QLormw6oDcBGbi8Wz3vUxpUWYPK9rXicfM2izUGr5
5JGvsAegX2QAPKFd1xvFF6Ecdiv9NoBEfjPczaFhbJfnGUJBbdw
5JGZUqod4VwSNKPG377NpgRMhak2hCDkfZT9G7orSh2i8uA8JWB
5JoLfoyppR5r2NWkHhNkUc9j1rMSA5rJPBqHMiakzgnX3dDQnNi
5JgJym1FdjQ5qfqB5BtuXT8kidPtQkMyAmqJJ6Qz53mdcUjz6K6
5J9MYgcVbJcByphAXK8W3GySnX8caN7VvBupkbVpmepUXHngVP7
5JVpauRhmAxKTbtgvNWtfdD17KZNLL4SeaAcP9Aev4nd8K6x9mU
5JPt7hu7wZLAyuehtTJz7CuKq5EMpJeLMtQMrAPDncq9EQ7Y24D
5JtCC7G6mbu3Vr6rHmm7xd3J9paA6XeB193UVP6p4Rj7xjhPKE6
5HxVv7SoELLXKVvv9KoQK3fWCLqMeCtt5kYNsBVc7iD7pwCuwmm
5J9CFUq6pNknegdzDHBLAfDmjsaRGgwWk7mPALT4Mb1YeH4kiu1
5JCMLM7uKtb6f5Lpjm8TnhLHQcdwETT3YxLDQF51gcbw7BSshMT
5HvoS26VazhVmvstpVx93GmaJ34KRks6QAvxX9B5rpQSLhixU8h
5K4936kXj9H1fFpNTZNskWZNnU2qRb44SSh6AzuUz3KYaAnJ6k3
5HuBaUbRHqArVMBeeqwtpgQPDUVth2wgZWNwHNfTroyPztEWpVw
5JT5eNJLKDVWgGpaDZvjgDogLMHQAHoqtkQy5LbR4rcV7CD9wQ1
5KCx3SzL4ReEGoxTNibkNX9uvUy9hZhfJC1wtPvJXyk9fy1vgG5
5JjcjZM2gaPnuemWpdQnwgfDwSzENLQGScgsEjsP7z9jvwfjg4B
5JQuh6ShRkwGQtbAfzGEFSEZB1LDQrR35Lb71vjTuRu5sUNJjKG
5JVv4pZqBJvEbXqLEeoDb4MVsXZPMgs4G1wURzJdAKxbx6BCTCb
5JYuJVeP965cLCocC8znYFafGWdeEx5Tae2Ry7HmXJSp4qrjF2y
5K72pjfqkU5DJfniG8PKWYLgHTBcNFjHUCvNgUitbRABvoNpcFy

Even though none of them have been used - ever, chances are very high you will be robbed instantly, just because I posted them here.

[MikaelBlomvist]

Nice thread, I'm a treasure hunter myself And yes, like everyone here i know is 100x time more possible i end up fucking scarlett johansson than actually finding anything by bruteforcing.

I have however, found some keys with balance using unconventional methods. Thats the key (no pun) to find private keys. Methods come and go (Bruteforced brainwallets for example). Lots of other methods are dead and so will be a lot more in the future, just a matter of innovating!

Right now i thought, for fun, to develop a script to do old school bruteforcing, shooting in the dark without any specific order, just to see what pops up.

I began by running directory.io clone on a vps, modifying it a bit to display keys so a python script can pick them up and compare it with around 2m known addresses with funds. This beta version is doing around 6000 kps (keys per second) so its quite trashy at the moment, as it does around 500m keys per day

Currently modifying it to:
use 100% cpu, its using barely 30% atm. Multiprocessing, etc.
Convert the golang script to python so it can generate/check on the fly instead of retrieving an html page with the keys
Once this is done, modify the script to become a sort of botnet/pool that can check and upload to a server once it opens in a computer.

The funniest thing is that even that way, i wont find anything !!!

[seetha]

I found privkey hunting vulnerability when analyzed Bitcoin source code at 2010. I found new ways for vulnerabilities & bug hunting when research my own practical PoW that defends from brutforce & AI attacks. I joined to RSA-576 Factory Challange when nobody knows about crypto future.

How to learn this brute forcing method?

[robolove]

Forgot to mention one of my earliest methods. Worked until 2013 or so. Google:

Code:

site:dropbox.com "wallet.dat"

Found more than 10 wallets with a positive balance without any password protection. Not entirely sure how or why you come up with the idea to put your wallet.dat in your public Dropbox folder. Those were the days...

[robolove]

Nice thread, I'm a treasure hunter myself And yes, like everyone here i know is 100x time more possible i end up fucking scarlett johansson than actually finding anything by bruteforcing.

I have however, found some keys with balance using unconventional methods. Thats the key (no pun) to find private keys. Methods come and go (Bruteforced brainwallets for example). Lots of other methods are dead and so will be a lot more in the future, just a matter of innovating!

Right now i thought, for fun, to develop a script to do old school bruteforcing, shooting in the dark without any specific order, just to see what pops up.

I began by running directory.io clone on a vps, modifying it a bit to display keys so a python script can pick them up and compare it with around 2m known addresses with funds. This beta version is doing around 6000 kps (keys per second) so its quite trashy at the moment, as it does around 500m keys per day

Currently modifying it to:
use 100% cpu, its using barely 30% atm. Multiprocessing, etc.
Convert the golang script to python so it can generate/check on the fly instead of retrieving an html page with the keys
Once this is done, modify the script to become a sort of botnet/pool that can check and upload to a server once it opens in a computer.

The funniest thing is that even that way, i wont find anything !!!

I then guess you are aware of the Large Bitcoin collider. At the time of writing, running at 673.11 Mkeys/s. They've found a few collisions. The odds are not in your favor, diplomatically.

Pure bruteforcing is a dead end.

Think of ways that significantly reduce entropy is my tip. There are a number of ways. People have posted a few, and I have come up with one or two methods myself. Overall however, mining is still much more profitable than going after dust* bruteforce-stylee.

* Yeah, MOST addresses with a positive balance on the blockchain contain dust, hardly worth the effort.

[darkangel11]

Did any of you try to access wallets by guessing the seed? I think it might be easier to create a program that randomly checks various seed combinations than trying to find a private key with a positive balance. As time goes by there will be so many seed combinations that a modified password guesser linked to a dictionary might do the job. And this time if you'll able to find something it might not be a single address but a bunch of them. You might even get lucky and get into a wallet owned by a treasure hunter like yourself

[robolove]

Did any of you try to access wallets by guessing the seed? I think it might be easier to create a program that randomly checks various seed combinations than trying to find a private key with a positive balance. As time goes by there will be so many seed combinations that a modified password guesser linked to a dictionary might do the job. And this time if you'll able to find something it might not be a single address but a bunch of them. You might even get lucky and get into a wallet owned by a treasure hunter like yourself

Electrum has a dictionary size of 1626 words and uses 12 of them randomly, producing 1626^12 possible combinations, which is close to 10^38 combinations. Good luck finding a collision. It will take quite a while. Example:

If somehow could test 1 billion combinations per second (arbitrary number I just came up with), we need 10^(38-9) = 10^29 seconds to try them all. That is approximately 3.17*10^27 years.

The universe has existed for about 13.8*10^9 years.

You see where this is going... right?

[LoyceV]

I then guess you are aware of the Large Bitcoin collider. At the time of writing, running at 673.11 Mkeys/s. They've found a few collisions.

No, they haven't found a collision, and they never will find one.
To prove a collision,k you need to show two different private keys that create the same address.

[Kakmakr]

Why are people still doing this, if the probability of finding a private key that is used, is almost zero? Just look at the numbers involved with this in the following thread : https://bitcointalk.org/index.php?topic=104461.0

There are exactly 2^160 possible addresses and 2^96 private keys and there are only 2^63 grains of sand on all of the beaches of the Earth.

The odds in definitely not in your favour. 

[nc50lc]

Why are people still doing this, if the probability of finding a private key that is used, is almost zero?
-snip-

Yup, by brute-forcing the key, the chance to hit a collision is close to 0.0000000000000000000000000000001%. Wait,

No, what they talking about (in this thread) are those neglectfully stored wallet.dat files, private key backups, paper wallet images or other forms of backups which potentially have funds.
History can tell that some people are stupid enough to store those (not only wallets but passwords and sensitive info too) directly in the internet without "hiding" the files with a disguised file name, file type, etc.

This one for example:

Found more than 10 wallets with a positive balance without any password protection. Not entirely sure how or why you come up with the idea to put your wallet.dat in your public Dropbox folder. Those were the days...

@OP, this isn't "hacking" and... use this to display the image (the link must be the image's direct link that ends with ".png/.gif/.jpg"):

Code:

[img alt=img height=420]https://i.imgur.com/PrBSxN8.png[/img]

[darkangel11]

Did any of you try to access wallets by guessing the seed? I think it might be easier to create a program that randomly checks various seed combinations than trying to find a private key with a positive balance. As time goes by there will be so many seed combinations that a modified password guesser linked to a dictionary might do the job. And this time if you'll able to find something it might not be a single address but a bunch of them. You might even get lucky and get into a wallet owned by a treasure hunter like yourself

Electrum has a dictionary size of 1626 words and uses 12 of them randomly, producing 1626^12 possible combinations, which is close to 10^38 combinations. Good luck finding a collision. It will take quite a while. Example:

If somehow could test 1 billion combinations per second (arbitrary number I just came up with), we need 10^(38-9) = 10^29 seconds to try them all. That is approximately 3.17*10^27 years.

The universe has existed for about 13.8*10^9 years.

You see where this is going... right?

Of course, but it's the same when you're trying to bruteforce a private key. The combinations are endless, but that's not what this is all about. Nobody is trying to test all possible combinations, but find a couple that are in use and give access to active wallets. There's a quite high possibility that if you'll start picking 12 random words out of those 1626 and start messing with them in different combinations you will get a single hit. Isn't that what those "treasure hunters" are hoping for?
Why did I ask about the seeds? Because finding a single one can lead to unlocking a wallet with multiple private keys instead of a single one which the collision dudes are trying to find.

No, what they talking about (in this thread) are those neglectfully stored wallet.dat files, private key backups, paper wallet images or other forms of backups which potentially have funds.
History can tell that some people are stupid enough to store those (not only wallets but passwords and sensitive info too) directly in the internet without "hiding" the files with a disguised file name, file type, etc.

Just recently there was a case of a guy being robbed of his coins because he was storing his passwords in a gmail account and had a backup email connected with it. The backup got hacked and through it they managed to gain the password to his main account.

[MikaelBlomvist]

Nice thread, I'm a treasure hunter myself And yes, like everyone here i know is 100x time more possible i end up fucking scarlett johansson than actually finding anything by bruteforcing.

I have however, found some keys with balance using unconventional methods. Thats the key (no pun) to find private keys. Methods come and go (Bruteforced brainwallets for example). Lots of other methods are dead and so will be a lot more in the future, just a matter of innovating!

Right now i thought, for fun, to develop a script to do old school bruteforcing, shooting in the dark without any specific order, just to see what pops up.

I began by running directory.io clone on a vps, modifying it a bit to display keys so a python script can pick them up and compare it with around 2m known addresses with funds. This beta version is doing around 6000 kps (keys per second) so its quite trashy at the moment, as it does around 500m keys per day

Currently modifying it to:
use 100% cpu, its using barely 30% atm. Multiprocessing, etc.
Convert the golang script to python so it can generate/check on the fly instead of retrieving an html page with the keys
Once this is done, modify the script to become a sort of botnet/pool that can check and upload to a server once it opens in a computer.

The funniest thing is that even that way, i wont find anything !!!

I then guess you are aware of the Large Bitcoin collider. At the time of writing, running at 673.11 Mkeys/s. They've found a few collisions. The odds are not in your favor, diplomatically.

Pure bruteforcing is a dead end.

Think of ways that significantly reduce entropy is my tip. There are a number of ways. People have posted a few, and I have come up with one or two methods myself. Overall however, mining is still much more profitable than going after dust* bruteforce-stylee.

* Yeah, MOST addresses with a positive balance on the blockchain contain dust, hardly worth the effort.

I managed to scale it to 1Mk/s with some tweaks on a few spare vps's I have, they aren't doing anything so is not like im investing on it or anything, it was a fun project to make though. I'm aware of the LBC, i ran it for a few minutes but preferred to make my stuff instead ;P

But of course, its better to find human-fault keys. I have had luck with ETH keys too

[bitcoinfuck]

My fellow crypto hackers. I've been into finding BTC private keys for a little more than a year. I have slightly less than 18k private keys in my own database.

As some sort of proof, here are 50 privkeys - try importing them in for example Electrum

Code:

L3wtCheT3Tvchz6WxsQgVmYopxDKBMxXKC1UpLnVJzEFi34maKLx
KzGk41jwqyoqJN3Rsbv2jDUKQBWYfMLnAke3F89U5oWwf3cauWP3
KxyHuRb7SaTkj36ynts6S58EtFYWDkwcLc3E5WpSdJkcVwgyFgaS
5KkjcrNnP1avWB5g2PimyreVdX5FN8e91UsyerK7z5pGcf6WCYD
5KknpBbehjZ4DRBStfMyd68VNP63rtFHusYaNuDqaE78N948ALf
5KkkZ48EaBs5gmY7W8pAb1cu1KHXVPH4xujT6vmyuYR4WyZ4tmn
5KkmcE7NJTSF9As6we7upSkX9dFxBq9eZNXvfNtyyaKmSbG9hUz
KyEq2YmegzAtz4ADyVowX3fqpvXUinPuTjSknsp218U2zY1Qmi5G
KyfaCbfHkzToiBpawkT1ik3TjQjFfaztgyDyzRHmgGEyz7dTArU4
L4G94NBReR1ZwRkdMSLP41nKXiooLxF9u6YVGp1uPe1eDVeN7qB4
5KkmYchw1wBKCzdY7G7tc5WF6WY5PkCmZxHXi9kYfHfyEWqY1gp
L3uSFVXSUretVNDccCBDPjLSSneCcXaeZPTfe9FS9s3SKAYfdeL6
5Kkjh1TrXpfPQGiEMcptaGBLf8h1KUbtn3n86dmqUoVqPfEfb1P
5KknEJnLyFiGgbUE6ciiGHMQez7o1zW4hMo4VZLpkdSsowuUgPQ
5KkhJ2is3EW8H56n6AvgqT1kWqWh6YhM4KM7ttfjdzrw1qJRyju
KyKQRUE38VFV6iVuX4yJ7GCGrRiquhTSoV3BLmLvCqF6RPXan67Q
5KkkCDvzfsxwTF4NQWsPNdd5ZkcgcGviZWevvQqfYp3ex45VypG
5Kko7c8fGKVSChc8PWJnzEFxXwVTvWJHZVUg8nyGmy3U9DXRMPp
L49HFoB1iFEvzXQn1agpggYGENHTW3khEL4rRArYrcWQcm1iXw4n
L4bSP2b1tBvwnuMrDoZm4vziWhrbzwBtwrsVwmPJqTDUWxCXJH6q
KyAFnDsPNN7DypKeS1wsT6Qzx9A3qGd53uWNeCuvCDjumYEPkoPj
5KkgzEYsJbifwJuqxTPSgkUGstYwX5HKPFucrM776qCwoMdwt59
5KkjenRdxoneEU8Mi8QvRFNuA6jPuiV7Wn9mVobsJiRB2uDXYsN
5Kkg2t2deWnTZrrSRG9jSByMDFKBxQvtYmPd5mycR6DFZHtiQjY
L4XnHhvLC1b4ag9L2PM9kRicQxUoYT1Q36PQ21YtLNkrAdWZNos6
KzK4uyoSm7Bdf3p91P4zVhS4cM4Pq87oCegWf4DcPrqiUDsLfDDt
KyhAKoDY9bfS8ckz2GapefFZfCKMgYTTb1FV2uH3LW2UjvY4xQTM
L3iDb3whFacS3pXFtcJfFLrxpBdJPHL5hUezgMAyYhPzEQhixgKN
5KkgNphSWbFy1r4Eobq1Pbb8kcG1geUpasi597T317HGhP8pYBe
Ky593tmxMTKEs9RjWvZ7bPMNa86wpsxm6di3X48kj4qpPaAj1ygs
5Kkk3dG43gJGHm4SaFC4qRGF7MYG4ShZZ8ESDSiKti1nu71v6Z5
5KkmVdDfTg2QnsMPcyqzbLLX7bZJx4nJATRyLJ9WXy6zDvYwaTR
5KkhGSzfoEaaYdKKeJuq3A7tmPzQdGYxZT2rm71XCAezxn8j6cT
5KkhgqewuqUTXSXZK4oTDi6rg4MHLssE5bh14oZH9NDRrwVdRvJ
KyUYJCbdvkdqWv7csuNHKWsGDcCi5YVXFaP2kfXtDpDNhykCuF6h
5KkmnJwzHL3kTWd8SAkssLmB2yRgUyYoA8X6jn73yfRxHVJYsru
5Kki22dZ3p9mLHvamV9mozC6ypUpq9ZSBa977eaYnec4EdkTLae
5KkhmdqyvaQwuhQ1cfQJCm1xfW4NXV6iDVRuRmVhXMPzGoMEm2s
5KkgASK9mPUrLAogFXZ9cMkxdkP1LNPEoFDVY2FfT64wBQs3fox
Kxk1JRsf6x1aUzN4Gff8ByFX3Jn7XP4NknGZoV6ovaEEVVJF5txf
L4QXUpcMgLC3NxrHgA9EpwAd5pRAkJfh2TvhYATXTW9fgnJuCWRn
Kxntb6r9WjUSJvajfKPWDrJvMVake5J4hBwEd5c4iGepHTbwqi8r
Kxx7AQStazNq2bhBb9nMpfZCKcdvrmKaEtUFskzcmAtVU94Y1jj4
KzedceVxZmamK3KwjpHisZkL7FWUmZnBMZQJTzAWzwbE7zwquaMd
L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY1
5Kkg7F7nvwy8uKtQsaKZWr9FGPMnM4Vs9nf7LuBXRdxUGZyMAtm
5KkizbG8giTgVgMgS9t1XMHNnxoUEEa2WkB8e1EoArYsqUoGDku
5KkjX2EQbKW1kJk9tRvgvbKcWxjhSicy2DUirQZSzTJ4M9Vd3UD
5KkhNgCMwzjEF7sCWXfKx7v7DHtthU3Jk6jmHHx5AaFnErA3Dzp
5KkmMUpsjKB3gKWzvDA1gsbDFsLFE5Z9H3JRsNSdVSsNFeyJU8D

...and you will get something like (sorry, seems like I don't have the required rank to embed images):

https://imgur.com/a/NwN6ZWA

The vast majority of the privkeys I've discovered are NOT from brainwallets (i.e. weak SHA256 hashes). Image search for QR-codes was nice for a while though, but those days are over. I have a couple of other techniques that I'm fairly sure anyone else hasn't thought of.

Every privkey in my database corresponds to a BTC address with at least two transactions on the blockchain. I throw away all "empty" privkeys.

I have a large Bitcoin Core wallet containing all my discovered privkeys. Five smaller transactions happened within the past week.

Anyways.... I was thinking maybe someone here has the same hobby as I do? Care to hook up and share some thoughts and strategies?

update your electrum !, its outdated