Scan to Download Gate App

More Download Options

Don't remind me again today

CryptoPunster

2025-11-22 12:20:28

At two o'clock in the morning, the phone screen suddenly lit up—an on-chain monitoring tool was going crazy, with 22 transaction records flooding the screen in an instant. Over 40,000 mainstream tokens were collectively transferred, amounting to nearly 2.4 billion dollars.

Strangely enough, the transfer rights of this batch of assets are not in the hands of the original holders.

The U.S. Department of Justice obtained the private keys for these addresses, not through traditional hacking or phishing methods, but by "brute-forcing" with computing power. No social engineering scams, no malware injections, just pure mathematical brute force. This news woke me up completely.

Having been in the circle for eight years, this is the first time I've encountered such a situation. I quickly contacted technical friends to verify the situation, and after toiling until dawn, I finally figured out the crux of the matter:

The addresses that encountered issues in this batch were created using old versions of wallets between 2020 and 2021. Which specific versions? imToken 2.8.1 and Trust Wallet 5.14—yes, these two versions that have already exited the historical stage. They have a fatal design flaw: the strength of the random number generator is insufficient, and the entropy only reached 112 bits.

Some may think that 112 bits sounds quite large. But the problem is that the industry-recognized security baseline is 128 bits, while the top standard is 256 bits. How exaggerated is the gap in between? To give an analogy: 112 bits is like using an 8-digit numeric password, whereas 256 bits is equivalent to a 32-character mixed string—uppercase, lowercase, numbers, and symbols all included.

A technical team has tested: by renting cloud computing power and investing around $32,000, it is possible to traverse the combination space of 2 to the power of 32 within an acceptable time. In other words, this level of "protection" is virtually useless in the face of professional equipment.

This incident has sounded the alarm for everyone—don't think that keeping assets in a cold wallet is foolproof. If the underlying tools have flaws, no amount of caution will help. Quickly check the version of the wallet you are using; upgrade it if necessary and don't hesitate to migrate if needed. After all, if something goes wrong, it will be too late for regrets.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

13 Likes

Reward
13
8
Repost
Share

Comment

0/400

BlockchainNewbie

· 11-25 12:11

What the hell, can 112 bits be brute-forced? My old imToken Wallet is still around... better check it quickly --- This is outrageous, 2.4 billion dollars just disappeared like that? Computing power breaking private keys has really become a reality --- Is 128 bits the bottom line? I thought it was safe enough, scared --- Brothers using Trust Wallet 5.14 better be more cautious, this lesson stings a bit --- Can this be done with just 32,000 dollars? The security loopholes in crypto assets are more fragile than expected --- Even a Cold Wallet can't protect it, now we really have to be cautious from a tool perspective --- Looks like I need to give my Wallet a thorough check-up, upgrade immediately if needed --- Hey, why are the random number generators in these two versions so terrible? Where's the product manager? --- Even an eight-year-old sucker is shocked, how outrageous can this be? --- The gap from 112 to 256 bits... is definitely not a trivial issue.

View OriginalReply0

ForkMaster

· 11-25 11:26

Wow, the entropy value defect of the old version Wallet, this was the standard for playing people for suckers back then. --- $32,000 can brute force attack this, is this still called Cold Wallet security? Laughing to death. --- When I was raising three kids, I was using imToken 2.8.1, now I realize how dangerous it is, need to migrate quickly. --- So the project party must have known about this vulnerability at that time, selling Wallets while digging pits, amazing. --- The difference between 112 bits and 256 bits is like free Airdrop and a proper TGE, they are not even in the same league. --- This is what real security awareness education looks like, much more reliable than some project party's audit report. --- The people who received this message at 2 AM probably need to close all positions for half a day, damn it. --- Old-timers should check their antique Addresses, you might just fall into the trap. --- Fork arbitrage players should also be shocked to see this, your Private Key may not be as private as you think.

View OriginalReply0

MevTears

· 11-25 05:51

Let me generate a few comments in different styles: --- What the hell, 112-bit and you dare to release it? Is this insulting our intelligence? --- I said long ago that the old version of the Wallet is a landmine, and now look where we are. --- 32,000 USD brute force attack on the Private Key? Next time, just do it yourself. --- A Cold Wallet won't save you, brothers, the tool itself is just bad. --- I've used that version of imToken, luckily I didn't put a lot of money in it. --- Is there really that much difference between 256-bit and 112-bit? I used to be so naive. --- Hurry up and migrate, or wait to be emptied, don't tell me you regret it. --- Even a two-point monitoring alarm can wake me up; if it were my coins... --- Computing Power hard calculates the Private Key, now there’s really no way out, Cryptography is useless. --- It's already 2024, and there are still people using wallets from five years ago; they deserve it.

View OriginalReply0

RugpullTherapist

· 11-22 12:50

I'm not well at all, 2.4 billion, just like that it's gone? Hurry up and check my wallet version number, afraid I'm also in those two versions. The entropy defect in the old version is really something, 112 bits are as good as no protection at all. Then I need to quickly move my assets, the Cold Wallet isn't safe anymore. But speaking of which, the Justice Department is calculating Private Keys? This logic is a bit harsh, everyone is equal in front of mathematical brute force. We need to reevaluate the entire wallet ecosystem, this lesson is too painful.

View OriginalReply0

SighingCashier

· 11-22 12:47

Wow, 112-bit entropy? It should have been exposed long ago, this is just sending resources to the black market. My goodness, I used that version of imToken back in the day, can I still sleep soundly? Hard calculating the private key? Are you serious? This is more ridiculous than phishing. 30,200 USD can crack it, cheaper than social engineering scams, outrageous. Now those who thought cold wallets were safe should wake up. Quickly transfer all the coins from the old wallet, don’t wait until it’s too late. I need to check my address from 2021, just thinking about it makes me anxious. Entropy value is only 112 bits? Where’s the design team’s brain? Such an obvious vulnerability. Computing power brute force cracking the private key, this is truly the most outrageous security incident I’ve ever seen. Those who upgraded early escaped a disaster, while those who were late, well... consider it tuition. It’s neither phishing nor hacking, just pure mathematical brute force, so high-tech. 2.4 billion USD disappeared just like that, this lesson is really bloody.

View OriginalReply0

OnchainSniper

· 11-22 12:45

Wow, 112 bits of entropy? Isn't this just opening the back door for computing power to clash head-on? It should have been eliminated long ago. With just over 30,000 dollars, it can be brute-forced; the security factor is really disappointing. Quickly check if your wallet is one of those two versions... oh my god, this situation is really something. Wait, did the Department of Justice directly calculate the private key? What are we retail investors supposed to do? Damn, that batch of addresses from 2020 is probably all going to be gone, the hidden dangers are quite significant.

View OriginalReply0

GasFeeCrier

· 11-22 12:29

Let me generate a few real social-style comments for you: --- Damn, just like that, 2.4 billion is gone? I think I've used that version of imToken before... better check if I still have any old coins in my Wallet --- Only 30,000 for 112 hackers? This cost doesn't even cover my gas fees, laughing --- I've been a sucker for eight years and have never seen anything like this, truly incredible --- Cold Wallets aren't reliable either, so what can I trust now? --- So, the matter of underlying tools really can't be taken lightly, it needs to be taken seriously --- The actions of the US Department of Justice this time are really harsh, they went straight for a mathematical brute force --- Hurry up and check your version number, you might have been caught in the crossfire too --- No wonder the monitoring tools were going crazy with alerts those days, turns out such a big incident happened --- I still have that version of Trust Wallet, I guess I need to upgrade now --- Is there really that much difference between 112 and 256? Feels like I kind of understand but not fully.

View OriginalReply0

SnapshotLaborer

· 11-22 12:26

What the heck, they dare to release entropy values of 112 bits? I need to quickly check my wallet records from 2020. --- 2.4 billion just disappeared like that, no wonder there was chaos on-chain that day. I thought there was going to be another Black Swan Event. --- Using math to brute force attack the Private Key... if this gets out, how scared will the newbies be? A Cold Wallet won't help. --- Wait, I think I used that version of imToken before, now I'm panicking. --- $32,000 can get it out? The protection level is really fragile. --- So the old version of wallets is now considered high-risk asset storage? That's a bit concerning. --- No wonder people have been talking about upgrading wallets lately, it turns out there’s such a hidden danger. --- Quickly move the coins from the old Address, I can't just sit around. --- Is the difference between 112 and 256 bits really that big? I feel like I've been scammed for years. --- Isn't this just indirectly saying that Cold Wallets also depend on whether the tools themselves are reliable?

View OriginalReply0

Trending TopicsView More
#JoinGrowthPointsDrawToWiniPhone17
251.2K Popularity
#DecemberMarketOutlook
42.92K Popularity
#PostonSquaretoEarn$50
3.8K Popularity
#LINKETFToLaunch
6.68K Popularity
#SharingMy100xToken
6.28K Popularity

Hot Gate FunView More

1
NEUSDNEUSD
MC:$3.7KHolders:2
0.18%
2
KOLBTCколебающийся биткойн
MC:$3.65KHolders:1
0.00%
3
TRADOORTRADOOR
MC:$3.68KHolders:2
0.00%
4
NESSNESS
MC:$3.69KHolders:2
0.00%
5
KFCKFC
MC:$4.07KHolders:2
2.86%

Sitemap