Researchers have concluded that the recent Ether transfers that spent over $5 million in gas fees are the result of hackers trying to extort a compromised exchange.
However, new reports have given weight to speculation that the seven-figure fees may have been deliberately spent as part of a blackmail scheme targeting a cryptocurrency exchange, with Chinese blockchain analysis firm PeckShield concluding that the transactions were likely resulting from extortion attempts.
Seven-figures ETH fees attributed to extortion
On June 12, Chinese media outlet Chainnews reported that analysis firm PeckShield has concluded that the string of multi-million dollar fees that were paid by hackers seeking to ransom a cryptocurrency exchange.
The report speculates that the exchange had been compromised in a phishing attack, allowing hackers to gain control over permissions for many of the platform’s operational functions, including its servers.
While the implementation of multi-sig restrictions prevented the attackers from draining the exchange’s funds to wallets under their control, they are able to make transfers to whitelisted addresses — determining the gas fees paid on said transactions.
As such, the researchers believe that the hackers are threatening to empty the exchange’s wallet if they are not paid a bribe, with PeakShield asserting 21,000 ETH remains in the wallet under the hackers’ control.
One wallet pays $5m to move 355.5 ETH in 24 hours
The first multi-million dollar transfer fee occurred on June 10, with $2.6 million in fees being paid to move just 0.55 ETH. Within 24 hours, a second transfer of 350 ETH was made from the same wallet, again spending $2.6 million in gas.
The following day saw the Ethereum network process a third curious transfer, this time from a different wallet. The transaction paid 2,310 ETH to move 3,221 Ether.
The obscure transfers elicited an array of theories from members of the crypto community seeking to explain the seven-figure fees, attributing the transactions to vengeful actions of a former exchange employee, fat-fingered human error, or a bug in a money-laundering bot.