Collection of 18.509 found and used Brainwallets

[o_e_l_e_o]

Let's just hope you want suffer from a dying brain instead of a dying hard drive!

The human brain is a very fragile thing. There are literally hundreds of completely unpredictable accidents and illnesses that can leave you with profound memory loss. Relying solely on your memory is a bad idea.

[1715306257]

1715306257

[1715306257]

1715306257

[1715306257]

1715306257

[1715306257]

1715306257

[TheArchaeologist]

Is there there a list of addresses in plain text?
I want to compare your list with mine

There isn't one yet but I could build it easily. So you are looking for a text file containing 1 BTC address on each line?

[amaclin1]

There isn't one yet but I could build it easily. So you are looking for a text file containing 1 BTC address on each line?

Any format you prefer  
I am too lazy to copy-paste 38 pages from https://eli5.eu/brainwallet/  

[TheArchaeologist]

I am too lazy to copy-paste 38 pages from https://eli5.eu/brainwallet/  

Grab them from this text-file then: https://eli5.eu/brainwallet/btc_brainwallet_v18569.txt

Would be nice if you could share the ones I miss!

[Thirdspace]

have you checked whether any of them have BCH or BTG balance?
or are they old used addresses with no chance of having balance on recent forks?
can you sort the list by the latest date of transaction? might give more insight

[HeRetiK]

have you checked whether any of them have BCH or BTG balance?
or are they old used addresses with no chance of having balance on recent forks?
can you sort the list by the latest date of transaction? might give more insight

Good thinking! All of these brainwallets seem to have been cleared up a long time ago though, presumably there are multiple people running regular scans on the most common brainwallet addresses as described by OP. At least that was the state of 2015 when Brainflayer was first introduced at Def Con 23.

I'd also love to see a feature for listing the addresses by the latest transaction date though.

[TheArchaeologist]

Forum member amaclin1 did a check and came up with 200 addresses/brainwallets he had which were missing from my list. I just added them to m database and updated the site. My own software indicated two of the entries as a duplicate so the total list now contains 18.767 entries. Thanks for helping/sharing!

To comment on the other request by adding the latest transaction date: This is something I currently do not have present in my database. I will mark is as a future request since I first have to complete/update my own blockchain parser for this. But as mentioned by HeRetiK all of the addresses were emptied a long time ago so way before any fork afaik.

[rpstatic]

Did you also find wallets with any balance on it? Would be interesting if people still use them.

[TheArchaeologist]

Did you also find wallets with any balance on it? Would be interesting if people still use them.

No I didn't. It seemed to be a lucrative business once so I can imagine lots of time and computing power has been consumed to find private keys for addresses with non zero balances in the past.

Furthermore: I'm just interested in finding as much brainwallets as possible which have been used in the past. I'm not interested in stealing funds which aren't mine.

[almightyruler]

Bumping this thread as I am also doing something similar, and plan to publish my results to increase awareness of the risk of using sha256 brainwallets.

Like the OP, I'm interested in this only for research purposes, so I scanned all known addresses rather than just cherry picking those with a balance. I'm using brainflayer, but as previously noted, the large number of addresses in the blockchain as of 2018 result in a very high false positive rate (currently around 13%) which requires a lot of post processing.

So far I've found 20329 valid keys. The large majority of the keys are based on single English dictionary words, which seem to have been deliberately sent small amounts (for research? for fun?) back in 2013.

This particular brainwallet concerns me, as the transactions are recent (March 2018), and for a large value (0.5 BTC): https://www.blockchain.com/btc/address/1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, with minor mangling.

[Thirdspace]

This particular brainwallet concerns me, as the transactions are recent (March 2018), and for a large value (0.5 BTC): https://www.blockchain.com/btc/address/1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, with minor mangling.

there were 4 transactions competing to sweep balance from 1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR
I found two of them were trying on two different addresses with same balance of 0.5 BTC,
receiver address 17WRjamo... and 1LdUHTEV... competing on utxo of 1GkGD48u... and 152DXcBq...
I think there is more to it than just some bots sweeping some addresses
did you also find private key for 152DXcBqGShpC7mBj4XZHQG9uGY9mUtZ8d ?
btw, that receiver address 1LdUHTEV... has balance of 50 BTC 450+ tx ins without a single tx out

[HeRetiK]

[...]

This particular brainwallet concerns me, as the transactions are recent (March 2018), and for a large value (0.5 BTC): https://www.blockchain.com/btc/address/1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, with minor mangling.

It not only suggests bots, it also suggests that these bots iterate through rather impressive lookup tables.

Have you checked whether this particular passphrase has been part of a prior leak? You can check here: https://haveibeenpwned.com/Passwords

It would be interesting to know whether our brainwallet sweepers are using publicly available password lists or have some pimped collections of their own.

there were 4 transactions competing to sweep balance from 1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR  [...]

There seem to be quite a handful of bots competing for the most common passphrases. This talk from 2015 estimates them at half a dozen [1], I wouldn't be surprised if matters have gone worse since then.

[1] https://www.youtube.com/watch?v=foil0hzl4Pg (around the 31:30 mark)

[almightyruler]

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, with minor mangling.

receiver address 17WRjamo... and 1LdUHTEV... competing on utxo of 1GkGD48u... and 152DXcBq...
I think there is more to it than just some bots sweeping some addresses
did you also find private key for 152DXcBqGShpC7mBj4XZHQG9uGY9mUtZ8d ?

Not yet.

It not only suggests bots, it also suggests that these bots iterate through rather impressive lookup tables.

There would be some challenges with maintaining a database that has several billions (maybe even trillions) of records, but it wouldn't be impossible. You would need a BIG bloom filter (to minimise false positives), and a clean and fast key->value database with lots of storage.

Have you checked whether this particular passphrase has been part of a prior leak? You can check here: https://haveibeenpwned.com/Passwords

It would be interesting to know whether our brainwallet sweepers are using publicly available password lists or have some pimped collections of their own.

Oh no — pwned!
This password has been seen 1,164 times before

Turns out it's not such a mysterious password after all; checking further, it appears in the password lists I downloaded. I thought my system had found it through mangling of lyrics (which it may have still done, independently). The password for 1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR is "loveisallyouneed"

[HeRetiK]

Have you checked whether this particular passphrase has been part of a prior leak? You can check here: https://haveibeenpwned.com/Passwords

It would be interesting to know whether our brainwallet sweepers are using publicly available password lists or have some pimped collections of their own.

Oh no — pwned!
This password has been seen 1,164 times before

Turns out it's not such a mysterious password after all; checking further, it appears in the password lists I downloaded. I thought my system had found it through mangling of lyrics (which it may have still done, independently). The password for 1GkGD48ucUKCwPkwRyH1bDLJTAdeHVn2xR is "loveisallyouneed"

Alright, that's slightly less worrying then.

I was expecting something along the lines of "l0ve1s4lly0un33d" or a 1337 version of "Hey Jude" which would have implied a far vaster lookup table. (assuming it isn't already. well, probably now it will be.)

[almightyruler]

Turns out it's not such a mysterious password after all; checking further, it appears in the password lists I downloaded.

Alright, that's slightly less worrying then.

I was expecting something along the lines of "l0ve1s4lly0un33d" or a 1337 version of "Hey Jude" which would have implied a far vaster lookup table. (assuming it isn't already. well, probably now it will be.)

I can think of one method to vastly reduce the amount of storage required for a stealer-bot, and I'm sure that people much smarter than I am have come up with a similar idea. So it's not impossible for a setup to be able to include a wide variety of permutations, in the hope of catching something in the future. I'm using a modest 2TB array on my temporary cracking machine and I estimate that could store around 20 to 25 billion candidate addresses.

I had a quick look through the results, and my system has found at least one 8 character password that does not appear in any of the source input files, has zero Google results, and is not on haveibeenpwned. The password evolved by mixing two or more disparate source lines together, and applying some extra mangling (appending, truncating, etc). THAT'S what should scare people off using sha256 wallets: your cool 8 or 10 character "random" password, even one that has no words in it, is not unbreakable.

[vit05]

Let's just hope you want suffer from a dying brain instead of a dying hard drive!

The human brain is a very fragile thing. There are literally hundreds of completely unpredictable accidents and illnesses that can leave you with profound memory loss. Relying solely on your memory is a bad idea.

It would be very interesting if someone could find papers with statistical research proving what is safer for a period of time greater than 10 years. A human brain or an HD. Something like this would definitely be very useful for many future applications. The simplest way to think about this is that it is much riskier to store a password in the brain than in a hard drive.

But perhaps the big complicator is not exactly health issues or an accident. It may be that keeping sentences is not the best way to put something in the brain, it's too risky. And many times we look for something simple as in the case of this password that is just a title of a very famous song.

But overall, few people have kept some kind of hard drive for over 10 years.

[o_e_l_e_o]

It would be very interesting if someone could find papers with statistical research proving what is safer for a period of time greater than 10 years. A human brain or an HD. Something like this would definitely be very useful for many future applications. The simplest way to think about this is that it is much riskier to store a password in the brain than in a hard drive.

I doubt such papers exist.

The answer to the question depends on repetition, though. You can commit a 12 word phrase to memory relatively easily, probably in under an hour. You'll remember it for a day or two, no problem, but you'll have forgotten most of it in a week or two unless you practice it a few times every day. There's no way most people will remember something like that for >10 years unless you are repeating it at least a couple of times a week.

And then, as I mentioned, all you need is a mild blow to the head or a bad infection and you've forgotten it.

[TheArchaeologist]

Bumping this thread as I am also doing something similar, and plan to publish my results to increase awareness of the risk of using sha256 brainwallets.

Thanks for bumping. I kind of felt there was not much interest in this before as I expected to get a lot more responses to the list I published. Publishing the results including proof cost me quite some time. But good to see another person with the same interest

So far I've found 20329 valid keys. The large majority of the keys are based on single English dictionary words, which seem to have been deliberately sent small amounts (for research? for fun?) back in 2013.

I think your results share a lot of findings in my set. I am very much interested in the ones you found so I can update my list with the ones I missed. Any chance you can share your findings? (a list of found words/sentences you found would be enough)

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, wit

Yes, there are a couple of bots active which monitor the mempool (using a modified bitcoind client) for incoming transactions. Each address found is then matched against a very large set of addresses composed on all kinds of brainwallets. In other words: Just because the brainwallet "Jack" hasn't been used yet doesn't mean it is a safe brainwallet. When you would deposit some coins into the attached address you can be sure they will be stolen within the blink of an eye.

[almightyruler]

Bumping this thread as I am also doing something similar, and plan to publish my results to increase awareness of the risk of using sha256 brainwallets.

Thanks for bumping. I kind of felt there was not much interest in this before as I expected to get a lot more responses to the list I published. Publishing the results including proof cost me quite some time. But good to see another person with the same interest

Yes, I can see you've spent some time collecting the data and making a nice interface to present it. Perhaps you should make a way for people to leave comments? For example, to link to a thread discussing that specific brainwallet. I'm thinking about approaching this from another perspective, making a website that displays (well known) passphrases to show how basic some of them are, and how quickly funds sent to those addresses were swept away. May even try sending small amounts to a few of them (like ryanc did live in one of his presentations) to demonstrate that the funds will be stolen within literally seconds.

Obviously, I need to do this in a way that makes it obvious how insecure passphrase brainwallets are, but without making it seem too easy for a would-be thief. (To make it clear: it's NOT easy, and I'd say that in 2018 we'd be beyond the point of diminishing returns.)

I think your results share a lot of findings in my set. I am very much interested in the ones you found so I can update my list with the ones I missed. Any chance you can share your findings? (a list of found words/sentences you found would be enough)

Still collecting, but I'll share at a later date. I forgot to mention that I'm also including Litecoin and Dogecoin, so some of those keys would not be for Bitcoin.

The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, wit

Yes, there are a couple of bots active which monitor the mempool (using a modified bitcoind client) for incoming transactions. Each address found is then matched against a very large set of addresses composed on all kinds of brainwallets. In other words: Just because the brainwallet "Jack" hasn't been used yet doesn't mean it is a safe brainwallet. When you would deposit some coins into the attached address you can be sure they will be stolen within the blink of an eye.

Yes, I think that's a point that some people will struggle to grasp, that the very first time they use their new brainwallet phrase the funds could be stolen instantly. And also that brainwallet thieves are not focussing on cracking any specific address; the method of cracking will find ANY insecure wallet. So both these arguments fail:

- I'm the only one who knows my passphrase
- No one cares enough about me to try hacking my wallet

This comment on Hacker News from the owner of 1brain... may provide some insight:

https://news.ycombinator.com/item?id=7368283

(That was the only thing that account posted on HN. No one ever replied to that comment.)

[almightyruler]

Things were getting a bit boring because my system was only finding one or two new wallets per day, but today it suddenly found about 30 new ones.

Here's another (relatively) recent transaction, which was swept out immediately:

https://www.blockchain.com/btc/address/15jG7moSaWgQADbG45cbvc79sHjKBBnxBk

Alternate block explorer showing double spend attempts within the same couple of seconds:

https://bitaps.com/15jG7moSaWgQADbG45cbvc79sHjKBBnxBk

Nearly 1 BTC is not a small amount. Back then it was worth around $15k USD

Password is "letthegoodtimesroll"

---

This one lasted a bit longer, and uses a non english phrase that doesn't appear in my password lists or haveibeenpwned (so I won't reveal it here) : https://www.blockchain.com/btc/address/1AsUMTvY4bRXKXrFZ1tbQ8xi1Lz3DiBNHt

Hopefully the transfer out was by the rightful owner.

---

Some of these brainwallet funding transactions have multiple outputs, often with one large output (change?), so I suspect they're withdrawals from an exchange, and people are sending to this cool wallet thing they can generate safely without needing to install any software........

Don't use SHA256 brainwallets!