Re: Collection of 18.509 found and used Brainwallets
Bumping this thread as I am also doing something similar, and plan to publish my results to increase awareness of the risk of using sha256 brainwallets.
Thanks for bumping. I kind of felt there was not much interest in this before as I expected to get a lot more responses to the list I published. Publishing the results including proof cost me quite some time. But good to see another person with the same interest 
So far I've found 20329 valid keys. The large majority of the keys are based on single English dictionary words, which seem to have been deliberately sent small amounts (for research? for fun?) back in 2013.
I think your results share a lot of findings in my set. I am very much interested in the ones you found so I can update my list with the ones I missed. Any chance you can share your findings? (a list of found words/sentences you found would be enough)The funds were swept out instantly, which strongly suggests it was a theft by a bot watching that privkey. The passphrase is a song title, wit
Yes, there are a couple of bots active which monitor the mempool (using a modified bitcoind client) for incoming transactions. Each address found is then matched against a very large set of addresses composed on all kinds of brainwallets. In other words: Just because the brainwallet "Jack" hasn't been used yet doesn't mean it is a safe brainwallet. When you would deposit some coins into the attached address you can be sure they will be stolen within the blink of an eye.