Researchers have discovered a group of people who are hacking bitcoin wallets secured via the brain wallet system and draining the accounts. The discovery comes only a few days after other researchers found a faster and more cost-effective way of cracking bitcoin “brain wallets,” which were first scrutinized and found to be insecure at 2015’s DEFCON security conference.
According to the research, which tracked 6 years’ worth of transactions, hackers siphoned around $103,000 out of different bitcoin accounts that were secured by an alternative security system. The research also discovered that most account holders used easy-to-remember passcodes to protect their bitcoin accounts instead of the recommended cryptographic keys.
The hacks were carried out on over 800 accounts whose owners used passwords to generate the encryption keys required to withdraw money. In most cases the accounts were drained within seconds or minutes of going live. A brain wallet is the idea of memorizing the password used to make bitcoin transactions rather than the normally required 64-character private key that has to be stored digitally or written on paper. For many years, the wallets were strongly promoted as a user-friendly and safer way to secure bitcoin funds, although many bitcoin experts, including Gavin Andresen and Gregory Maxwell, were skeptical about the idea.
In their research, the researchers analyzed the bitcoin blockchain for wallets that were secured via the brain wallet technique by trying to brute force their passcodes using a 300-billion-password cracking dictionary assembled from over 20 different sources, including the English language Wikipedia, the Urban Dictionary and the plaintext password leak from the RockYou website.
They also employed the “Ars” technique, which allowed them to crack phrases and words that most people would have perceived to be strong passcodes. The cracked passwords included “dudewheresmycar” and “sayhellotomylittlefriend.”
They ran all the passwords through the SHA256 hash function to derive potential private keys for the bitcoin addresses used by brain wallets. Each potential key was then fed into a cryptographic operation based on elliptic curves to find the public key that corresponds to it. Since the bitcoin blockchain contains every public key of every brain wallet account, it was very easy to tell when a guessed password matched one that a bitcoin user had used to secure his or her account.
Only 884 accounts utilized the Brain Wallet technique
Surprisingly, only 884 bitcoin accounts used the brain wallet technique. But the appealing news ends there. Of the 884 brain wallets analyzed, all except 21 were emptied in less than twenty-four hours after their real users deposited money in them. The total amount of money lost is about $103,000, drained between September 2011 and August 2015.
According to “The Bitcoin Brain Drain”, a research paper that first demonstrated how brain wallets could be hacked, the vulnerability of the brain wallet system had been widely known for a long time and had been repeatedly exploited by bitcoin hackers going after accounts. Over the 6-year span (September 2011 to August 2015) the hackers drained the 884 accounts of over 1800 bitcoins, which equates to the $103,000 mentioned earlier, depending on the value of the coins at the time each theft took place.
The researchers also say that they discovered over 1800 unique transactions, affecting 863 wallets, that sent money to 48 different accounts. All 48 wallets received over $100 in bitcoin, and 13 accounts received money from over 20 different robbed wallets. Some of the accounts belonged to the same person, and the researchers say they were able to discover fourteen different hackers behind the transactions.