A few days ago, the Ethereum network saw two transactions sent from the same address, each with an abnormally high transaction fee. The first transaction moved $133 worth of Ethereum and cost $2.6 million in fees. A couple of hours later, the same user spent another $2.6 million to send ETH worth around $87,000.
These transactions quickly caught the eye of most crypto enthusiasts, with some suggesting it was a mistake caused by a bug in the wallet software of the unknown Ethereum user.
However, roughly 23 hours later, the crypto community noted another anomalous transaction. This one involved a user sending 3,200 ETH and paying a fee of $500K. The ETH address for this third transaction had no connection to the address that sent the first two unusually expensive transactions. This raised speculation that bad faith was in play, such as a hacker.
Ethereum founder Vitalik Buterin took to Twitter a few hours ago to share his insight on what may have actually transpired. In his tweet, Buterin argued that the “million-dollar txfees *may* actually be blackmail” directed at a certain exchange.
To elaborate on his theory, Buterin postulated:
“Hackers captured partial access to exchange key; they can’t withdraw but can send no-effect txs with any gasprice. So they threaten to “burn” all funds via txfees unless compensated.”
This key, according to Buterin, could have been stored on some sort of cloud server under a non-root account that is capable of withdrawing only to certain whitelisted addresses.
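The gap in that scenario is that the signing account restricts the destination but not the fee. The following is an added example, not code from Buterin or any exchange: a signer policy check that enforces the whitelist together with caps on gas price and total fee. All names, the placeholder address and the cap values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

GWEI, ETHER = 10**9, 10**18

@dataclass(frozen=True)
class Tx:
    to: str
    value_wei: int
    gas_price_wei: int
    gas_limit: int

    @property
    def max_fee_wei(self) -> int:
        # Legacy gasPrice transaction: the sender pays at most gas_price * gas_limit.
        return self.gas_price_wei * self.gas_limit

@dataclass(frozen=True)
class Policy:
    whitelist: frozenset
    max_gas_price_wei: int
    max_fee_wei: int

def whitelist_only(tx: Tx, policy: Policy) -> bool:
    """Weak check from the scenario: only the destination is restricted."""
    return tx.to.lower() in policy.whitelist

def violations(tx: Tx, policy: Policy) -> list:
    """Hardened check: an empty list means the signer may sign."""
    found = []
    if tx.to.lower() not in policy.whitelist:
        found.append("destination not whitelisted")
    if tx.gas_price_wei > policy.max_gas_price_wei:
        found.append("gas price above cap")
    if tx.max_fee_wei > policy.max_fee_wei:
        found.append("total fee above cap")
    return found

# Constructed sample data: placeholder address and caps, not values from the incident.
ALLOWED = "0x" + "aa" * 20
POLICY = Policy(frozenset({ALLOWED}), 500 * GWEI, ETHER // 20)
NORMAL = Tx(ALLOWED, 3 * ETHER, 40 * GWEI, 21_000)
BURN = Tx(ALLOWED, ETHER // 2, 5_000_000 * GWEI, 21_000)  # fee of 105 ETH on a 0.5 ETH transfer

if __name__ == "__main__":
    for name, tx in (("normal", NORMAL), ("burn", BURN)):
        print(name, tx.max_fee_wei / ETHER, whitelist_only(tx, POLICY), violations(tx, POLICY))
```

The constructed fee-burning transaction passes the whitelist-only check because its destination is permitted; only the fee caps reject it.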
Buterin further explained that “similar situations could happen in ‘scorched earth’ games, including scorched-earth vaults aka ‘Moeser-Eyal-Sirer’ vaults”, and it could also be a situation “where hackers can slash but not steal staked funds”.
When asked whether these scenarios were only possible on Ethereum, Buterin noted that they can happen on any other blockchain platform.
This theory has been corroborated by researchers at blockchain security firm PeckShield, who concluded that the exorbitantly high fees are possible “gas price ransomware attacks launched by hackers targeting the exchange”.