Share this article
Hacker Returns 225 BTC Taken from Blockchain Wallets
A 'white-hat' hacker who was able to take 255 BTC from Blockchain users' wallets following a security flaw earlier this week has returned the funds.
Updated Sep 11, 2021, 11:22 a.m. Published Dec 10, 2014, 10:09 a.m.
Make us preferred on Google
A white-hat hacker who was able to take 255 BTC from Blockchain wallets following a security flaw earlier this week has returned the funds.
Bitcoin Talk member 'johoe', an account 1.5 years old but with only 21 posts, had always stated that he or she was taking the funds for safekeeping and would return them, writing on the forum:
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
"There were a large bunch of new broken addresses today (several 100s in one day). I took the liberty of saving some funds before they got swiped by others. If you can convince me that they belong to you (signing a message with the address is obviously not enough; the private key is already known), I will send the funds back."
Johoe then posted a page of 1,019 addresses said to be compromised, and invited users to check if theirs was one of them. Blockchain CEO Nicolas Cary confirmed to CoinDesk that the funds had been received.
Even before the funds were returned, Blockchain had admitted it was at fault and promised to reimburse any users who had lost money.
Random number flaw
The problem that led to the vulnerability was reportedly wallets generated with previously used 'R-values' in formulas that generate random numbers, meaning a hacker could use the public address to calculate its private keys. If R-values are unique, this should be impossible.
For the technically-inclined, Blockchain CTO Ben Reeves has pointed out the mistake in code on Blockchain's GitHub page here.
Blockchain posted in a statement that the issue affected web wallet users who had created a new wallet address or sent funds from an existing address during the period the vulnerability was live.
, Reeves sent an email asking him to send the funds to this address, which johoe duly did, posting a photo of a Trezor wallet sending the transaction.
Still solving the problem
Customers on Bitcoin Talk and Reddit, while relieved their funds were swept by someone with good intentions, are now contacting Blockchain to prove their losses and have them returned.
At this stage, however, it is not 100% confirmed that all funds removed from Blockchain wallets were under johoe's control. At least one user has claimed that nearly 100 BTC missing from his wallet have gone elsewhere.
Blockchain is in the process of examining "thousands" of customer claims and support tickets for authenticity before reimbursing.
Trezor wallet image via johoe/bitcointalk.org. Hacker image via Shutterstock
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
HYPE token surges 24% as silver futures volume soars on Hyperliquid exchange
Silver futures on the crypto derivatives exchange are currently showing $1.25 billion in volume and $155 million in open interest.
What to know:
- HYPE, the native token of the Hyperliquid derivatives exchange, jumped 24% in 24 hours as trading in silver, gold and other commodities surged.
- Silver perpetual futures on Hyperliquid became the platform’s third most active market during Asia hours.
- Because trading fees from user-created markets are used largely to buy back HYPE on the open market, the spike in commodity activity is fueling demand for the token and signaling broader growth for Hyperliquid.
Top Stories
