Bitcoin 
Ethereum 
Tether 
XRP 
BNB 
USDC 
Solana 
JUSD 
TRON 
Lido Staked Ether 
Figure Heloc 
Dogecoin 
WhiteBIT Coin 
Bitcoin Cash 
USDS 
Cardano 
Wrapped stETH 
LEO Token 
Hyperliquid 
Wrapped Bitcoin 
Ethena USDe 
Binance Bridged USDT (BNB Smart Chain) 
Monero 
Wrapped Beacon ETH 
Canton 
Chainlink 
USD1 
Wrapped eETH 
Stellar 
Dai 
sUSDS 
Litecoin 
PayPal USD 
Hedera 
Coinbase Wrapped BTC 
Zcash 
Avalanche 
Rain 
WETH 
Sui 
Shiba Inu 
Toncoin 
USDT0 
Cronos 
World Liberty Financial 
Tether Gold 
MemeCore 
PAX Gold 
Uniswap 
Polkadot 
Ethena Staked USDe 
Mantle 
BlackRock USD Institutional Digital Liquidity Fund 
Falcon USD 
Bitget Token 
Aave 
Aster 
Global Dollar 
Circle USYC 
OKB 
Ripple USD 
HTX DAO 
syrupUSDC 
Pepe 
Sky 
Bittensor 
BFUSD 
Internet Computer 
Ethereum Classic 
NEAR Protocol 
Pi Network 
Ondo 
Gate 
Pump.fun 
KuCoin 
Worldcoin 
Superstate Short Duration U.S. Government Securities Fund (USTB) 
USDD 
Jupiter Perpetuals Liquidity Provider Token 
Provenance Blockchain 
MYX Finance 
POL (ex-MATIC) 
Cosmos Hub 
Jito Staked SOL 
Ethena 
USDtb 
Kelp DAO Restaked ETH 
Kaspa 
Midnight 
Binance-Peg WETH 
NEXO 
Rocket Pool ETH 
Algorand 
Flare 
Binance Bridged USDC (BNB Smart Chain) 
Aptos 
Official Trump 
Wrapped BNB 
Janus Henderson Anemoy AAA CLO Fund 
Function FBTC 
Spiko EU T-Bills Money Market Fund 
Ondo US Dollar Yield 
OUSG 
XDC Network 
Filecoin 
syrupUSDT 
Render 
VeChain 
Arbitrum 
Binance Staked SOL 
Beldex 
Morpho 
Usual USD 
Janus Henderson Anemoy Treasury Fund 
USDai 
GHO 
Polygon Bridged USDC (Polygon PoS) 
Bonk 
Solv Protocol BTC 
A7A5 
Lombard Staked BTC 
TrueUSD 
LayerZero 
Fasttoken 
clBTC 
Sei 
EURC 
Jupiter 
Stacks 
pippin 
PancakeSwap 
StakeWise Staked ETH 
Dash 
Tezos 
Kinetiq Staked HYPE 
tBTC 
Chiliz 
First Digital USD 
WrappedM by M0 
Story 
Decred 
Kinesis Gold 
River 
Stable 
Optimism 
Pudgy Penguins 
Mantle Staked Ether 
JUST 
Virtuals Protocol 
Polygon PoS Bridged DAI (Polygon POS) 
Lighter 
Resolv wstUSR 
c8ntinuum 
COCA 
Artificial Superintelligence Alliance 
Curve DAO 
BitTorrent 
Liquid Staked ETH 
Kite 
Arbitrum Bridged WBTC (Arbitrum One) 
Gnosis 
Sun Token 
Resolv USR 
Kaia 
Wrapped Flare 
Maple Finance 
Kinesis Silver 
L2 Standard Bridged WETH (Base) 
AINFT 
Steakhouse USDC Morpho Vault 
Ether.fi 
Injective 
USX 
crvUSD 
PRIME 
Binance-Peg XRP 
IOTA 
Ether.Fi Liquid ETH 
FLOKI 
Renzo Restaked ETH 
Lido DAO 
The Graph 
sBTC 
Bitcoin SV 
Legacy Frax Dollar 
Humanity 
Jupiter Staked SOL 
Olympus 
Savings USDD 
Celestia 
SPX6900 
Aerodrome Finance 
Marinade Staked SOL 
JasmyCoin 
Arbitrum Bridged WETH (Arbitrum One) 
DoubleZero 
ADI 
Telcoin 
Axie Infinity 
Staked Aave 
A Bitcoin user lost funds after sending cryptocurrency to a compromised wallet that used a transaction identifier from a coinbase block reward as its private key.
- A Bitcoin user sent 0.84 BTC to a compromised wallet whose private key was derived from a block 924,982 coinbase transaction identifier, exposing it to theft.
- Automated programs monitoring the mempool detected the deposit and competed via replace-by-fee transactions, sometimes paying nearly 100% of the value in fees to claim the funds.
- Using predictable or publicly available data—like transaction IDs or common word patterns—for private keys enables immediate exploitation, highlighting the critical importance of true entropy in key generation.
The transaction identifier of the Coinbase from block 924,982 served as the private key for the wallet, creating a security vulnerability that triggered automated bot activity, according to cryptocurrency publication Protos.
The incident prompted automated computer programs connected to Bitcoin’s memory pool, or mempool, of pending transactions to compete for the funds. These bots automatically detect deposits into compromised wallets and broadcast replace-by-fee transactions to outbid competing programs’ fees to miners for withdrawal transactions.
In the reported instance, 0.84 BTC was sent and lost to an address with a non-random private key derived from a block’s coinbase identifier, according to blockchain data.
The automated systems employ replace-by-fee mechanisms to incrementally increase transaction fees in competition with other bots. In some cases, child transactions pay up to 99.9% of the transaction value in fees, according to observers monitoring such activity.
Private keys represent the most critical security element for protecting bitcoin holdings. When a private key is exposed or derived from common data patterns, theft typically occurs immediately, according to cryptocurrency security experts.
Many compromised wallets with non-random private keys utilize seed phrases with predictable patterns, including repeated words such as “password,” “bitcoin,” or “abandon,” according to security researchers. Any non-random pattern lacking true entropy can expose a private key and enable automated systems to drain deposits to the corresponding public key.
The incident demonstrates that non-randomness can extend beyond simple word patterns to include public information recorded on the Bitcoin ledger, such as transaction identifiers of block rewards. Failure to introduce mechanical entropy when generating private keys can enable brute-force attacks and compromise fund security, according to cryptography experts.
Hashing a private key via a transaction identifier does not provide sufficient entropy for secure private key storage, the incident illustrates. Miners and other mempool observers can monitor transaction identifiers for non-randomness and attempt to broadcast theft transactions using exposed private keys, according to blockchain security analysts.
