The activation of several previously dormant Bitcoin wallets has sparked rumors of a mass hack.
On April 24, @whale_alert notified the community of a dormant address containing 1,000 BTC ($27 million) becoming active after a 12-year break.
Similarly, on April 20, @WhaleChart tweeted details of a 9-year dormant wallet moving 6,071 BTC ($178 million). Many other recent examples exist.
Members of the Bitcoin community have pointed out the peculiarity of the situation — with some speculating a mass hack of older Bitcoin addresses is in progress.
Mass hack targeting OGs
On April 18, MetaMask dev @tayvano_ drew attention to an ongoing hack affecting over 11 chains — draining more than 5,000 Ethereum at that time.
The attack was deliberately targeting “OGs who are reasonably secure.” Moreover, having investigated the hacks, including forensic device examination, experts are still none the wiser on the point(s) of vulnerability.
@tayvano_ advised users to limit their exposure by splitting funds across multiple wallets. Better still, to transfer holdings to a hardware wallet — which will require PIN entry to verify transfers out.
Bitcoin community voices concern
Several community members have called the activation of previously dormant Bitcoin addresses suspicious.
@WolfOfPoloniex said the frequency of activations within a short time was “extremely odd.” He pointed out that rumors of unauthorized access are circulating.
“It seems one of the trending theories is that someone has gained access to hacking old wallets.“
Similarly, @crypto_bitlord7 said he had heard on the grapevine that “someone has been cracking older $BTC paper wallets.” Initially, he dismissed this as nonsense. But “this is too coincidental now.”
Despite recommendations to move funds to a hardware wallet, @crypto_bitlord7 said he suspects they are also vulnerable. As a precaution, he is moving his funds to Armory — a retail multi-signature cold storage wallet.
“This means Trezor 12 and 24 word is potentially vulnerable.”
Ran Neuner said the situation was becoming alarming. He suggested that the vulnerability could lie in a cracked wallet generator.
Wallet generators create new paper wallet addresses — giving the user a public address and private key in the process.
When challenged on the coincidental nature of dormant addresses becoming active, Neuner countered, saying, “Nope. It’s too many at the same time. All from an old vintage…”