FFeel.Trading
News listWeird! 500 dormant ETH wallets on the mainnet were emptied overnight. Is AI so powerful that old addresses are being frantically hacked?
動區 BlockTempo2026-05-01 04:29:04ETH

Weird! 500 dormant ETH wallets on the mainnet were emptied overnight. Is AI so powerful that old addresses are being frantically hacked?

ORIGINAL詭異!ETH 主網 500 個沉睡錢包被一夜清空,AI 強到老地址瘋狂被盜?
AI Impact AnalysisGrok analyzing...
📄Full Article· Automatically extracted by trafilaturaGemini 翻譯1355 words
Crypto analyst WazzCrypto revealed that hundreds of wallets on the ETH mainnet that had been dormant for over 7 years were drained by the same address within 24 hours, resulting in a loss of approximately $800,000. The stolen assets were bridged to the Bitcoin network via ThorChain and partially transferred to Monero. Aragon team member @TheTakenUser also confirmed that their wallet was transferred for unknown reasons. The community is buzzing about "AI brute-forcing," but on-chain analysis points to old mnemonics and private keys leaked between 2017 and 2020. (Previous coverage: Password management tool once recommended by CZ | LastPass suffers data breach! CZ urges enabling 2FA) (Background: Wallets, warnings, and weak links: A comprehensive analysis of 2025 cryptocurrency security attacks) With hundreds of wallets that hadn't been touched in 7 years being drained simultaneously, the fact that "the attacker is only targeting old addresses" has sparked skepticism from multiple directions in the community. Many believe that current AI development has reached a level where old-era smart contracts are being cracked one after another, leading to the theft of many old wallets. But is that really the case? 324 ETH all flowed to the same address WazzCrypto pointed out on X on April 30 that a large-scale abnormal transfer occurred on the ETH mainnet, with over 500 wallets drained by the same address. Most of these had been dormant for 4 to 8 years, and the oldest address had no transaction records for 14 years. Hundreds of wallets (many of which haven't been active in 7+ years) just got drained by the same address on ETH mainnet Seems like a new live exploit, worth flagging https://t.co/QiKU1b86Uv pic.twitter.com/o1uU85CLPT — Wazz (@WazzCrypto) April 30, 2026 A total of 324.741 ETH was stolen. The attacker bridged the ETH to wrapped assets via ThorChain and converted them into 9.56 BTC, with some funds transferred to Monero to hide their tracks. An associated address still holds approximately $32,000 in ETH. On-chain researcher @tayvano is also tracking the flow of funds from this wave of attacks. Meanwhile, Aragon team member @TheTakenUser posted to confirm that their wallet funds were transferred for unknown reasons. Some wallets were not completely drained, with residual fragmented assets left behind. This does not look like automation; it looks more like someone manually operating this large batch of wallets. Is it not that AI is too powerful? The theory of "AI cracking private keys" spread rapidly in the community, but mathematically, it does not hold up because the attacker is targeting "already leaked keys," not cracking new ones. Community analysis suggests the most likely source is the leakage of old mnemonics between 2017 and 2020. In 2022, LastPass was breached, and encrypted vault backups for approximately 30 million users were downloaded in bulk. Although the vaults were encrypted, accounts with weak master passwords are being cracked one by one. TRM Labs tracked at least $35 million in crypto assets stolen as a result, with fund flows pointing to Russian criminal organizations. Other possible leakage channels include compromised old versions of Electrum, npm supply chain attacks, and trading bots that previously requested private keys. The timing of this attack is also worth noting. ETH rebounded more than 30% from its lows in April, making the assets in dormant wallets suddenly worth liquidating. The attacker may have held the list of keys for a long time and chose to act when the price of Ethereum recovered.
Data Status✓ Full text extractedRead Original (動區 BlockTempo)
🔍Historical Similar Events· Keyword + Asset Matching6 items
2026-04-29
EIP-7702 suffers first large-scale failure: QNT and ETH stolen, Pectra account abstraction mechanism becomes a breeding ground for phishing
Similarity 290%標的 ETH關鍵字 eth同分類 zh
2026-04-27
ConsenSys and Joseph Lubin deposit 30,000 ETH into "DeFi United" to help resolve Aave's bad debt crisis
Similarity 290%標的 ETH關鍵字 eth同分類 zh
2026-04-27
Hot! Bitmine swept up another 100,000 ETH last week, with total holdings exceeding 5 million ETH, controlling 4.2% of the total circulating supply.
Similarity 290%標的 ETH關鍵字 eth同分類 zh
2026-04-27
Aave leads joint proposal from five major protocols: requesting Arbitrum DAO to unfreeze 30K ETH and deposit it into "DeFi United" to restore rsETH collateral
Similarity 290%標的 ETH關鍵字 eth同分類 zh
2026-04-26
Ethereum Foundation unstaked $48.9 million worth of ETH, having sold 10,000 ETH via OTC the day before yesterday.
Similarity 290%標的 ETH關鍵字 eth同分類 zh
2026-04-25
Aave proposal to allocate 25,000 ETH to participate in "DeFi Alliance Rescue," with a current rsETH shortfall of 75,000.
Similarity 290%標的 ETH關鍵字 eth同分類 zh
💡 Currently matching via keywords + symbols (MVP) · Will be upgraded to embedding semantic search later
Raw Information
ID:140b2ffbea
Source:動區 BlockTempo
Published:2026-05-01 04:29:04
Category:zh_news · Export Category zh
Symbols:ETH
Community Votes:+0 /0 · ⭐ 0 Important · 💬 0 Comments
Weird! 500 dormant ETH wallets on the mainnet were emptied overnight. Is AI so powerful that old addresses are being frantically hacked? | Feel.Trading