by mcdee 2611 days ago
> Additionally, we identified 13,319 Ethereum that was transferred to either invalid destination addresses

There is no such thing as an invalid Ethereum address.

Separately, what the researchers seem to miss is that the majority of these funds were stolen due to a far more traditional software exploit: the Go Ethereum client (geth) has a JSON-RPC interface. If the user:

  - enables the interface (it's disabled by default)
  - listening on a public address (it defaults to 127.0.0.1)
  - and unlocks their wallet (they are locked by default)

then anyone can send a request to the interface to sign a transaction transferring all funds in the account to another address.

If anyone cares enough, it's easy to set up an instance of geth with the first two conditions met and watch the transfer attempts coming in.
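
An added example, not part of the original comment and not geth's own code: a defender-side check that reads a geth command line and reports whether the three conditions listed above hold together. It assumes only the HTTP JSON-RPC flags (`--rpc`/`--rpcaddr` and the later `--http`/`--http.addr`) plus `--unlock`; config files and the WebSocket endpoint are out of scope, and the sample command lines are constructed.

```python
import ipaddress
import shlex

# geth flag spellings, legacy and current (HTTP JSON-RPC server only).
ENABLE_FLAGS = ("--rpc", "--http")           # boolean, off by default
ADDR_FLAGS = ("--rpcaddr", "--http.addr")    # listen address, default 127.0.0.1
UNLOCK_FLAG = "--unlock"                     # accounts stay locked without it
VALUE_FLAGS = ADDR_FLAGS + (UNLOCK_FLAG,)

def parse_flags(cmdline):
    """Map each flag on a geth command line to its value (True if bare)."""
    tokens, flags, i = shlex.split(cmdline), {}, 0
    while i < len(tokens):
        name, sep, value = tokens[i].partition("=")
        if name.startswith("-"):
            name = "--" + name.lstrip("-")   # geth accepts -flag and --flag
            if not sep and name in VALUE_FLAGS and i + 1 < len(tokens):
                i += 1                       # value is the next token
                value = tokens[i]
            flags[name] = value if (sep or name in VALUE_FLAGS) else True
        i += 1
    return flags

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return addr == "localhost"           # assumption: other hostnames count as public

def audit(cmdline):
    """Report the three conditions from the comment and whether all hold."""
    flags = parse_flags(cmdline)
    enabled = any(str(flags.get(f, "false")).lower() not in ("false", "0")
                  for f in ENABLE_FLAGS)
    addr = next((flags[f] for f in ADDR_FLAGS if f in flags), "127.0.0.1")
    findings = {
        "rpc_enabled": enabled,
        "public_bind": enabled and not is_loopback(addr),
        "unlocked": bool(flags.get(UNLOCK_FLAG)),
    }
    findings["at_risk"] = all(findings.values())
    return findings

# Constructed sample command lines; the account values are placeholders.
SAMPLES = [
    "geth --rpc --rpcaddr 0.0.0.0 --unlock 0x0000000000000000000000000000000000000001",
    "geth --http --http.addr=127.0.0.1 --unlock 0",
    "geth --syncmode fast",
]
```

Feed `audit()` the command line taken from a process listing or service unit; only the combination of all three findings sets `at_risk`.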


I don't follow your argument here - why would a thief, on finding an exploitable instance of Geth, transfer its funds to an address derived from a weak private key? Is that the only way this exploit works?

The thief would transfer it to an address of their choosing, which wouldn't have a guessable private key (and obviously be known by the thief).

That is what I thought, but in this case, the ether that are presumed to have been stolen are those that have shown up at addresses with weak keys and then moved to another address (one without a guessable key), often as soon as they show up at the first address. The authors tested this hypothesis by moving a dollar's worth of ether to one of these addresses, and it was immediately stolen from them. I do not see how one could conclude that these presumably-stolen coins were stolen through the Geth exploit.