Topic: Private keys posted on Bitcointalk - page 2. (Read 681 times)

I'm not sure. I guess it's some customized wallet software.

Clams aren't worth much anymore. And I'm pretty sure someone thought of claiming them already

Good point. They're probably being sold already.

It was a nice experiment, I know there were some public "private keys" on this forum but never think they were that big amount.

There is a way that you can make money with them, if they are old keys and moved coins in the past, then you can get clam coins with those keys. You can use the service on Just-Dice for that, or install the core and make the swap direct from there.

And another fun way to make money with that list is by selling it in one of those services that let you sell files or compressed folders for cryptos. For sure some users would be interested in buying that list.

This is interesting. As regular user of crypto I would have never imagined that there is stuff like this. In fact this was new learning for me and made me think I should be extra cautious about my private keys. Anyways, I am guy who after creating an address would think thrice which key is to be shared to public and which one not even when they mention in BOLD which one is private key and public key. Idk, there might be many of such users out there doing the same thing to avoid what has happened / mentioned in the OP.


I am surprised to read this. What kind of systems are these? How are they able to monitor if a private key is leaked or not. Its confusing to understand and it should be known to everyone so that I won't be making the mistake of leaking my private key by accident.

For example, whether it is phishing sites, or a software downloaded from play store, or any browser extension? What kind of monitor? & how does it recognize the gibberish code as pvt key anyways?

That's not going to be easy without manual checks. Many people post keys knowing they're compromised already, or they're partial private keys for (secure) vanity address generation. Many keys gets posted more than once (or quoted), and I don't really want to check 10k+ posts.

I agree with Loyce. If you are already running a device 24/7 anyway to host a node, then it costs you nothing to have a script running on that device watching a database of compromised addresses and waiting to sweep any funds which appear. And when we occasionally see transactions like the one Loyce mentioned of ~0.84 BTC, or the one in the post I linked to above of almost 1 BTC, that is more than enough incentive for several people to continually run bots. Each individual will be hoping that their database contains unique addresses, or even actively seeking out unique brain wallets or less common sources of compromised keys.

considering that there is a lot and more and more talk about security, there are warnings everywhere, "keep safe your PK" or "not your key not your coins", now I'm interested in how effective such a campaign really is.
is it possible to see statistics or a graph of the number of posts with an exposed private key over a period of time? is the trend decreasing or are we talking about wallet security here in vain?

No, that can't happen. Just one bot is enough to take the money, and if nobody runs it, someone will. If it's profitable for one person, someone else will do the same. So even if some people stop their bots, others will join.
It's never going to change: once a private key is compromised, funds will disappear.

Not all transactions are dust.

After a while it makes you wonder if it could actually work the other way. More and more people stop running the bots since it really does become pointless and they are slowly forgotten about.
Kind of like the way junk fax senders have been disappearing. Just no work / no profit and more and more people pursuing legal action against them. They just left the field.

Yes in theory this is 'free money' just by running a script. But the 1st time they go to consolidate all the dust they have since fees ate the rest do they just walk away.

-Dave

I once entered my private key in a Google search field. It's such a common thing to do: "CTRL-V > Enter", and it's gone. The best way to prevent this is by making sure you can't make this mistake: never handle private keys on a system that's connected to the internet.

I was curious about that scenario too. That would mean that (eventually) only miners profit from funds sent to addresses with leaked private keys.

This is definitely the case. I remember a few years ago looking more closely at coins being sent to brain wallets being stolen - https://bitcointalksearch.org/topic/m.46603379. In short, within only one or two seconds of a transaction being made to a brain wallet, there are multiple competing transactions detected by different nodes attempting to sweep the coins to another address. And bear in mind that as soon as a node has seen one such non-RBFed transaction, it will reject all others, meaning that although we may only see 3 or 4 such transactions across the entire network, there are likely many more than that which are being rejected. Given that we know there are multiple bots running with huge databases of addresses from brain wallets, it is only logical to assume their databases also include all leaked private keys and seed phrases they can find as well.

Things will get quite interesting once full RBF becomes commonplace. Any such transaction stealing coins from a brain wallet or leaked private key could be replaced by another transaction, regardless of whether or not is opted in to RBF. We could end up seeing different bots broadcasting more and more replacements, each paying a higher and higher fee, trying to steal the coins for themselves. Since there is no incentive for any one such bot to surrender and let another bot win, then such transactions could just escalate until the entire value (or close to it) is paid in fees.

FYI, Bitcoin Core load whole wallet to RAM which may be reason of long loading time[1].


And with HEX, i expect you'll receive many false positive since 64 character HEX also mentioned as hash of a file, as block hash, as TXID or explaining SHA-256.


That doesn't make sense. Bitcoin don't have smart contract which can be used to perform scam through sharing recovery/mnemonic words.

[1] https://bitcointalksearch.org/topic/m.60252176

I've made such mistake some years ago when I was really new to crypto. I wanted to send someone my wallet address and I mistakenly sent him my private keys and I was lucky I noticed it before the recipient got the message. I quickly had to transfer my funds to a different wallet and forfeited that very wallet.

It is advisable to always have a clear head when performing sensitive transactions to avoid making costly mistakes.

Did you click the first 2 words of this topic?

Coming from a newbie account? It may be intentional, some greedy members will want to outsmart the poster but the smart will get hunted in the end, I don't go after people's private keys or recovery seeds when I see them online, I believe no one is stupid enough to post them online, they did it to lure greedy people.

I wonder if the forks get claimed at the same time too or if you checked any of them (similar to what neurotic said, an ethereum private key can look similar to a bitcoin one).


I think they scan in advance to see how big your wallet gets (somehow) or at least decide to load a certain number of addresses (via a tree) and decide if the tree is too big to process or not (whatever it is, it's kept those servers very fast).

My list is indeed not complete. I didn't search for Hex keys either, only WIF.

I didn't search for altcoin private keys.

That must be why the wallet grew to 2.2 GB. With just private keys, it was only a few MB.

I think that the number is bigger, since some have posted them as images which you could not "scan".

Even more, in some cases I remember there was a scam spree of posting "by mistake" ETH private keys for wallets containing tokens and no ETH. Obviously, at funding a smart contract was sending the ETH away.
So it was not only mistakes.


Impressive! I've intended a similar test some years ago with Electrum (my set was much smaller and I don't even remember if I've done my test with keys or just addresses). But for some addresses the number of transactions was too big and the Electrum servers were cutting me off (I knew less back then). So I've abandoned the idea of watching those. However, I've noticed even back then that even if some addresses were known to be leaked and unsafe, some people still were playing with them long afterwards (by funding with small amounts). But I was not aware of huge mistakes like that 0.84BTC... wow...

This post made me curious: how many private keys have been posted on Bitcointalk?
To find out, I searched all downloaded posts (which took hours) for anything that could be a Bitcoin private key. That resulted in 9375 potential keys (not all of them are valid, and no, I won't post the list).
Yesterday, I imported the private keys into a new Bitcoin Core wallet (this took only a few minutes), and did a rescan. This took forever, but was mesmerizing to watch: the balance went up and down by many Bitcoins, and this kept going for hours! I left it to finish overnight.
This morning, Bitcoin Core was hanging. I killed it, restarted it, and it took forever to load the wallet (which had grown to 2.2 GB during the rescan). Eventually, it worked! It's up to date, and the total balance is 0 (as expected). Every few minutes, Bitcoin Core is unresponsive for a few minutes, most likely because of the large wallet combined with a lack of processing power. It's not very nice to work with, and consumes 1 full CPU core.

Scrolling through the transactions, it's obvious any incoming transaction instantly gets sweeped, usually at a high fee. I assume many people have systems monitoring all compromised private keys, and they're competing against each other to steal the funds before someone else does. Back in the days, it happened to large amounts of Bitcoins, but the more recent transactions are mostly small. Except for last month (January 24): this address received 0.84362383BTC, which was instantly sweeped. The private key was posted 2 months earlier:
Someone made a very expensive mistake funding it. I'm hoping pbies can tell me where the private key comes from.

TL;DR
Don't post your private keys! Don't post your seed phrases! Don't try to be smart by creating a brain wallet!

No spam
Self-moderated against spam. Discussion is of course allowed.