Hundreds of Ethereum Wallets at Risk Due to Weak Key Phrases
A study published by a security consulting firm Independent Security Evaluators (ISE) reveals that hundreds of Ethereum are at risk of a breach due to weak key pairings. The security company aired its concerns about the unsafe public and private key pairs affiliated to the Ethereum network.
Hundreds of Ethereum wallets have vulnerable public keys
The chances of an attacker cracking 256-bit encryption and accessing private keys are low. However, the research carried out by the ISE looked into 49,060 ETH transactions and discovered 732 weak public pairs. The soft public pairs, in turn, revealed the corresponding private keys.
The security company based in Baltimore, Maryland added that the trend could be seen on any blockchain implementation that utilizes public key signing designed based on ECDSA encryption. The ISE created a scheme that allows them to discover private keys that were created by using incorrect code or a defective random number generators (RNG) or a combination of the two.
According to the report, the researchers stated that they discovered that funds stored on these soft-key addresses were being stolen and sent to a destination address that belongs to an individual or group. This group runs an active campaign that is compromising private keys and stealing funds from the victims.
While investigating the situation, the researchers stumbled upon an individuals or group they called the “Blockchain Bandit.” This entity has been stealing these weak public key addresses, and the researchers claim that Blockchain Bandit had successfully stolen 37,926 ETH which was worth around $54.3 million by January 13, 2018.
Even though the scenario was statistically improbable, the ISE found 732 weak private keys alongside their public keys that carried out 49,060 transactions to the ETH blockchain. In addition to that, 13,319 ETH were discovered to have been transferred to either an invalid address or wallets that were gotten from the weak keys. At the time when ETH was trading at an all-time high, the combined value of these transactions is around $18,899,969, the report added.
The hacking campaigns were successful
The researchers stumbled upon more vulnerability that could be exploited by hackers. There were roughly 60,286,012 ERC20 based tokens that are stored within these keys. The ISE stated with over 50 million public ETH addresses, the chances are high for hackers to find weak keys.
One of the most significant would be key truncation, a scenario when the key length of the symmetric 256-bit encryption is created, but only a tiny subset is utilized due to errors. Different types of errors can be encountered such as memory reference errors, memory corruption, code logic errors, confusion, random device or RNG errors, seed re-use, and entropy errors.
While investigating another area of key space on the blockchain, ISE discovered more key pairs that were vulnerable to attacks. Scanning the new region revealed 8,920 transactions through 464 private keys and the total value of transactions via these weak private keys was roughly 28.9 ETH.
The study, however, pointed out that using weak private keys wasn’t a widespread issue as it took the researchers over a thousand hours to carry out the task. However, ISE says that several similar cryptographic algorithms could be examined for key generation errors on other cryptocurrencies networks like Bitcoin, ZCash, XRP, Monero, and a few others.
Since these cryptocurrencies are accessible, the researchers believe that high successful hacking campaigns could be ongoing to steal user funds from these networks. If the effects of cryptocurrencies continue to grow, the researchers believe that software developers would have to build infrastructure to incorporate various defense mechanisms to help keep private keys safe. The ISE also recommends innovative measures to be taken that would counter successful hackers such as Blockchain Bandit and future malicious attempts.