Fun

Ethereum’s $5.2 Million Fee Scandal Explained: Exchange Held to Ransom by Hackers

News Feed - 2020-06-13 03:06:20

Ethereum"s $5.2 Million Fee Scandal Explained: Exchange Held to Ransom by Hackers


Hackers are holding an unnamed crypto exchange to ransom after an alleged cyber-attack forced the Ethereum blockchain to facilitate two separate transactions at a cost of $5.2 million in fees, new information suggests.


The hackers may have gained access to the exchange’s funds but failed to transfer the money into their own wallets because of a security setting that demands multiple passwords to process a transaction.


Now they have turned to blackmail, trying to arm-twist the concerned platform into paying a ransom, according to Ethereum (ETH) co-founder Vitalik Buterin.


Explaining the suspicious transactions, Buterin tweeted on June 12 that: “Hackers captured partial access to exchange key; they can’t withdraw but can send no-effect txs with any gas price. So they threaten to ‘burn’ all funds via tx fees unless compensated.”


In the last few days, three ETH transactionstook place: a customer paid $2.6 million to send $134 worth of ether. Few hours later, the same individual transferred $86,000 of ETH for precisely the same fee. A third transaction by a different user paid $500,000 in fees, but it’s unrelated to the blackmail attack.


Until now, the deals have been explained away as either a bug, money laundering or tax evasion. Others suspect human error.


A new report, however, turns the scales. Focusing on the two $5.2 million transactions, Chinese crypto analytics firm Peckshield concludes that the extraordinary ethereum transfer ‘blunders’ are the result of “gas price ransomware attacks.”


Researchers explain how the hackers gained access to the exchange’s funds and servers through phishing, granting them permission to send money to trusted wallet addresses under the platform’s database, just not their own.


The multi-signature security setting on the platform prevented the thieves from making transfers to their own accounts, but there was a loophole that allowed them to transact to addresses that require single authorization.


So, they have weaponized their stolen authority, sending very small amounts at ridiculously high transaction fees, to force payment. According to the report, the hackers still have access to 21,000 ETH ($5 million) that “if the exchange does not give a certain ransom through other means, the hackers will further spend the money.”


In another tweet, Vitalik Buterin offered a different explanation. “Similar situations could happen in ‘scorched earth’ games, including scorched-earth vaults aka ‘Moeser-Eyal-Sirer’ vaults as well as scenarios where hackers can slash but not steal staked funds,” he said.


What do you think about this ongoing ethereum fees debacle? Let us know in the comments section below.20 Blockchain Surveillance Firms Monitor Crypto Networks, But Some Apps Show InaccuraciesBLOCKCHAIN | May 15, 2020Malta’s "Blockchain Island" Dream Deferred as 70% Entities Shun LicensingBLOCKCHAIN | Apr 25, 2020Tags in this storyBlackmail, Ethereum fees, Ethereum hacking, Multi-signature verification, Peckshield, Ransomware attack, Vitalik Buterin


Image Credits: Shutterstock, Pixabay, Wiki CommonsPurchase Bitcoin without visiting a cryptocurrency exchange. Buy BTC and BCH here.Show comments

News Feed

With New Regulations, Europe’s Crypto Companies May Be Running Out of Options
With New Regulations, Europe’s Crypto Companies May Be Running Out of Options European crypto companies are finding themselves in a changing regulatory environment. The new rea
Snowden Reacts to Bitcoin’s New Price Milestone — Whistleblower Tweets ‘One word: Bitcoin’
Snowden Reacts to Bitcoin"s New Price Milestone — Whistleblower Tweets "One word: Bitcoin" The price of bitcoin has just hit a historic milestone in a turbulen
Tom Blackstone4 hours agoPond0x DEX claims $100M in trading volume as critics allege it’s a scamPond0x reported that its DEX reached $100 million in cumulative volume, citing a Dune dashboard as evidence.2181 Total vie
Demand for Cryptocurrency Miners Rises in Russia Amid Low Prices of Hardware
Demand for Cryptocurrency Miners Rises in Russia Amid Low Prices of Hardware Russia’s market for specialized crypto mining equipment has been seeing high demand over the pas
Turner Wright4 hours agoLedger lays off 12% of staff, citing ‘macroeconomic headwinds’The wallet manufacturer reportedly had around 734 employees at the time of publication, suggesting roughly 88 people may have lost
ENS to end eth.link domain suit after DAO greenlights $300K settlement
Jesse Coghlan5 hours agoENS to end eth.link domain suit after DAO greenlights $300K settlementENS Labs has been given approval from its DAO to settle and dismiss a legal fight over the ownership of the eth.link domain.81
Bitcoin Tipped For $340,000 Target If This Support Level Holds – Details
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
William Suberg13 hours agoBiggest mining difficulty drop of 2023? 5 things to know in Bitcoin this weekBitcoin begins to fulfill traders’ downside targets as BTC price action retraces its steps in a crucial macro week.
Facebook’s Novi Launches Pilot Program in Guatemala and US Using Pax Dollar
Facebook"s Novi Launches Pilot Program in Guatemala and US Using Pax Dollar Novi, Facebook’s digital wallet, will launch a pilot program to test the functionality of the ser
Report: Reddit Co-Founder Alexis Ohanian’s Seven Seven Six Targets $177M for a Crypto-Centric Fund Called Kryptós
Report: Reddit Co-Founder Alexis Ohanian’s Seven Seven Six Targets $177M for a Crypto-Centric Fund Called Kryptós According to a recent report, the venture capital firm founded
Brayden Lindrea8 hours agoLido Finance discloses 20 slashing events due to validator config issuesThe initial impact amounted to 20 Ether, worth $31,000, while the validator involved has now been taken offline.1297 Total
Mariko Wakabayashi2 hours agoExperiments show AI could help to audit smart contracts, but not yetArtificial intelligence has proven effective at identifying security vulnerabilities, but early tests indicate it won’t b