Hackers have made about $103,000 cracking bitcoin wallets that were “secured” using BrainWallet.
Not long after a group of researchers published a paper on efficiently cracking Bitcoin BrainWallets, a paper revealed that a group of hackers has already taken advantage of these weaknesses and drained every wallet they could.
“Surprisingly, after excluding activities by researchers, we identified just 884 brain wallets worth around $100K in use from September 2011 to August 2015. We find that all but 21 wallets were drained, usually within 24 hours but often within minutes. We find that around a dozen “drainers” are competing to liquidate brain wallets as soon as they are funded.”
A brainwallet “refers to the concept of storing Bitcoins in one’s own mind by memorization of a passphrase. As long as the passphrase is not recorded anywhere, the Bitcoins can be thought of as existing nowhere except in the mind of the holder. If a brainwallet is forgotten or the person dies or is permanently incapacitated, the Bitcoins are lost forever.”
BrainWallets were created by turning a passphrase into a 256-bit private key by hashing the passphrase with SHA256; that private key is then used
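The derivation described above, as an added example (not code from the article or from any brainwallet tool): it shows that one unsalted SHA-256 gives every user of a passphrase the same key at the cost of a single hash. The salted PBKDF2 function, its iteration count and the sample passphrase are assumptions used only as a contrast.

```python
import hashlib
import os
import time

# Order of the secp256k1 group: a Bitcoin private key k must satisfy 1 <= k < N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def brainwallet_key(passphrase: str) -> bytes:
    """Derivation as the article states it: one unsalted SHA-256 of the passphrase."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def is_valid_private_key(key: bytes) -> bool:
    """32 bytes are a usable secp256k1 private key only inside [1, N-1]."""
    return len(key) == 32 and 1 <= int.from_bytes(key, "big") < SECP256K1_N


def stretched_key(passphrase: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Contrast case (assumption, not from the article): salted, iterated PBKDF2."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, iterations)


def seconds_per_derivation(derive, rounds: int) -> float:
    """Average wall-clock cost of one call to derive()."""
    start = time.perf_counter()
    for _ in range(rounds):
        derive()
    return (time.perf_counter() - start) / rounds


def compare(passphrase: str) -> dict:
    """Two independent users pick the same passphrase; compare both schemes."""
    salt_a, salt_b = os.urandom(16), os.urandom(16)  # per-user random salts
    fast = seconds_per_derivation(lambda: brainwallet_key(passphrase), 10_000)
    slow = seconds_per_derivation(lambda: stretched_key(passphrase, salt_a), 3)
    return {
        # No salt: the passphrase alone fixes the key for every user, forever.
        "brainwallet_keys_collide": brainwallet_key(passphrase) == brainwallet_key(passphrase),
        "stretched_keys_collide": stretched_key(passphrase, salt_a) == stretched_key(passphrase, salt_b),
        "cost_ratio": slow / fast,  # how much more one stretched derivation costs
    }


if __name__ == "__main__":
    sample = "constructed sample passphrase"  # constructed input, not from the article
    print(brainwallet_key(sample).hex(), is_valid_private_key(brainwallet_key(sample)))
    print(compare(sample))
```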