Two large, costly transactions on the Ethereum blockchain last week were possibly due to criminal activity
Last week, there were two transactions reported by the Chinese-based mining pool Spark Pool that have left the Ethereum (ETH) community stunned. In a matter of two days, nearly 20,000 ETH, worth $5.2 million at the time, was paid as transaction fees, but the value that was actually transferred was only 350 ETH – which is worth less than $90,000. One of the transactions was for only 0.55 ETH, or $133. Ethereum’s Co-Founder Vitalik Buterin and China-based blockchain analytics company PeckShield shared a possible theory about what happened.
At first sight, it seemed like the sender mixed up the fields of the value of the transfer and the fee. However, last Friday, Buterin confirmed that the exchange in which these transactions occurred was held for ransom by hackers, who were able to gain access to these wallets. “So the million-dollar txfees *may* actually be blackmail. The theory: hackers captured partial access to exchange key; they can’t withdraw but can send no-effect txs with any gasprice [sic]. So they threaten to ‘burn’ all funds via txfees unless compensated,” wrote Buterin in a post.
Apparently, these cyber criminals were able to get partial permissions like server management or something related. They were unable, however, to send crypto assets to their own wallets because each exchange has a private key that requires multi-signature verification, so it requires multiple private keys to sign each ongoing transaction.
Therefore, this attack was carried out by this hacker’s gang to blackmail the exchange and force them to pay the amount requested. Failure to do it means that the group would continue to burn their assets by paying ridiculously high transaction fees. Buterin added, “Similar situations could happen in ‘scorched earth’ games, including scorched-earth vaults aka ‘Moeser-Eyal-Sirer’ vaults, as well as scenarios where hackers can slash but not steal staked funds.”