Mass exploit detected: Inactive Ethereum Wallets drained - roughly 261ETH

[ultrloa]

Nothing to worry about, these type of exploits and hacks and whatever always are on the news and happens often, at least once a month we see a news like this and it's never a big number, it's always small.

Sure, it's sad for those who this happened to, but in general the market is not really caring about such a small number. This is literally not even half a million dollars, we had situations where 40 million was stolen from hot wallets of binance once, so compared to that, this is basically nothing.

The point is that the market is vulnerable to this kind of attacks. And I don't understand why you said that we shouldn't worry about when we know that there are victims here. What if you are one of the victims? Will you say to yourself that this is not something new and that it is ok for someone to take my money?

Yes, it's not comparable to huge amount of hacks or draining techniques.

But still if we have been in the market for so long, we can say that we should really be very careful of our crypto so that we won't just be another statistics from this cyber actors.

That situation is something that we should not ignore, because the attack exist and even for now we are not affected there's possibilities that in future maybe we will experience the same like losing our funds hidden on our personal wallets.

Its important to know some precautionary measures to avoid such attack and if people holding their coins for long time better not to exposure their address using. Maybe with this they can lessen up their chances to experience such draining attacks or any possible hacking issues.

[dansus021]

—snip—

It is. Brute force into cracking into these is not possible and they did not use that. I can tell you that they did not use brute force and regular cracking because if that was possibility then they could have cracked into some hot wallet of a big exchange and get a billion dollars out, and they did not.

So it is clear that they cracked into something specific, and I agree that whatever they cracked into, was something that was basically just a simple coding mistake that they exploited.

So at this point they probably have something or key to find those inactive wallet, in my opinion there is a possiblity that those private key getting leaked by the wallet provide but I still curious how is that the case.

or the hacker maybe do some social enginnering, if you remember that bybit also got hacked by billion of dollar with a B because social enginnering.

I also rememember that my brother also had same case he tell me that he didnt share his private key to anyone else by somehow his wallet getting drained without smart contract approval too

[henmark]

So at this point they probably have something or key to find those inactive wallet,

Yeah, they may only try to repeat the same tactic on others and see if it still works but if not anymore, I'm sure that great hackers are always going to keep seeking a way to penetrate into a security of something just to get money out of it. If only finding inactive wallets, that is only easy and it can be done using public service like Block Explorers. IDK but maybe some of these wallets or the coins inside it are literally lost by their owners. So I think that is still a good thing if they can get recovered even not by their true owners and circulated again in the market.

in my opinion there is a possiblity that those private key getting leaked by the wallet provide but I still curious how is that the case.

I don't think that is possible. I'm sure those wallet providers don't even know the private keys that their customers generate. If we are talking about centralized service, then that is more likely since a user don't use private keys on it.

[FinneysTrueVision]

I don't think that is possible. I'm sure those wallet providers don't even know the private keys that their customers generate. If we are talking about centralized service, then that is more likely since a user don't use private keys on it.

It’s possible if the wallet has a weak private key generation method. Trust Wallet and Blockchain.info are two of the most famous cases where wallets were vulnerable because they were creating keys with weak entropy. That was also how billions of dollars worth of BTC were stolen from the Lubian mining pool, which were then seized by the U.S. government. It’s unclear how the U.S. government took possession of those funds and whether they were the ones who originally hacked the mining pool.

https://www.elliptic.co/blog/15-billion-us-seizure-reveals-prince-groups-connection-to-iran-china-bitcoin-mining-theft

[The Cryptovator]

I am not familiar with your reference links and don't know how legitimate this site is. But it's quite surprising to me how attackers gain access to the dormant wallet. I haven't heard yet that an attacker is able to generate a private key somehow from the address. If it were possible, then the attacker could drain more wallets and could target bigger wallets as well. We should know the real story; otherwise, we can't even take a lesson.

However, I am not convinced that attacks generate private keys; rather, they might use some other methods to gain access to the wallet, like malware or some other techniques. But definitely we have to be careful about such attacks and move our funds to a more secure wallet. Those have such big funds; they should afford to purchase a more secure hardware wallet. Otherwise, they might have to suffer due to such attacks.