A Reddit user has become the latest example of why crypto users should be more careful when using wallet generators \u2014 after the user lost a few thousand dollars worth of Bitcoin (BTC<\/a>) from their “secure” paper wallet.<\/p>\n On July 24, a Redditor by the name \/jdmcnair\u00a0posted<\/a>\u00a0on the r\/Bitcoin subreddit,\u00a0asking for an explanation on how a hacker could have been able to steal<\/a>\u00a0over $3,000 worth of Bitcoin from their supposedly secure paper wallet \u2014 which was even generated on an offline computer.<\/p>\n \u201cI was doing self-custody, generated my key and printed it on paper on an offline computer, transferred my BTC to this offline wallet, and kept it stored in a safe that only I have the key for,\u201d the user wrote.<\/p>\n \u201cI thought I was keeping it in one of the more secure ways possible.\u201d <\/p><\/blockquote>\n In an update to his initial post, the Redditor revealed that they used the wallet creation tool walletgenerator.net to create their wallet\u2019s private keys, which some users highlighted\u00a0have been infamous for vulnerabilities<\/a> in the past.\u00a0<\/p>\n Speaking to Cointelegraph, blockchain security firm CertiK’s director of security operations Hugh Brooks said users should think twice before using a crypto wallet generator.\u00a0<\/p>\n Such online wallet generators have served as a viable hacking tool for a while now, Brooks said:<\/p>\n \u201cSome of these wallet generators could be straight-up scams. The website that the post claims returns an IP address in Russia. When looking at a tool such as Criminal IP we can see that the address has several abuse reports filed against it.\u201d <\/p><\/blockquote>\n Paper wallet generators have been known to contain serious vulnerabilities since 2019, Brooks said, adding that if anyone has generated wallets using walletgenerator.net then it’s likely \u201cthe same keys have been given to different users.\u201d<\/p>\n The Profanity wallet generator exploit was a textbook example of this security vulnerability<\/a> which led to the $160 million hack<\/a> on algorithmic market maker Wintermute in September.<\/p>\n The solution is simple, according to Brooks. Users wanting safe crypto storage should use a \u201ctrusted hardware wallet provider such as Ledger and Trezor.\u201d<\/p>\n Related: <\/em><\/strong>Almost $1M in crypto stolen from vanity address exploit<\/em><\/strong><\/a><\/p>\n The Redditor was baffled as to why the exploiter waited over 12 months to exploit the funds, prompting another to offer a possible explanation.<\/p>\n \u201c[The hackers] wait for enough noobs to think they generated secure private keys, wait for them to deposit significant amounts, and then, one day, swipe all the funds, so there is no time to react to reports of the site being compromised.\u201d<\/p><\/blockquote>\n With a sudden increase in long-dormant Bitcoin wallets waking up<\/a> \u2014 many with funds in the millions \u2014 some pundits think it\u2019s due to wallet generators being hacked.<\/p>\n Unpopular crypto opinion: the fact that wallet generators can be cracked and people can lose their funds with no recourse is terrifying. I\u2019m going to tell you what I believe to be the answer, and I know the \u201cmake everything decentralized\u201d crew will hate it<\/p>\n \u2014 Jesse Hynes (@jesse_hynes) April 25, 2023<\/a><\/p><\/blockquote>\n Hackers managed to snatch over $300 million in Q2 2023,<\/a> according to CertiK, a 58% decline from the same period last year.<\/p>\n Magazine: <\/em><\/strong>$3.4B of Bitcoin in a popcorn tin \u2014 The Silk Road hacker\u2019s story<\/em><\/strong><\/a><\/p>\n<\/div>\n![](\"https:\/\/s3.cointelegraph.com\/uploads\/2023-07\/0d65df93-b478-4b2f-a11a-f1811b071a73.PNG\")
\n