$102,417.00
-2.44%$2,447.28
-6.85%$2.12
-3.87%$639.95
-3.90%$146.51
-4.71%$0.999795
0.00%$0.276609
1.35%$0.174228
-8.31%$0.63471
-5.85%$2,444.86
-6.82%$102,324.00
-2.47%$34.29
-3.06%$2,939.05
-6.34%$2.98
-6.59%$13.16
-5.20%$8.81
-1.48%$0.260295
-2.61%$19.07
-5.49%$382.77
-4.70%$3.06
-4.55%$0.00001211
-5.90%$0.999788
0.01%$0.162904
-3.28%$2,447.59
-6.92%$84.30
-4.67%$2,611.79
-6.84%$1.00
0.05%$3.91
-3.11%$319.02
0.22%$1.001
0.01%$4.57
-3.33%$0.62489
-3.90%$0.00001087
-9.26%$102,475.00
-2.45%$31.13
-0.63%$247.01
-6.78%$6.01
-5.20%$1.18
0.04%$361.74
-4.92%$49.99
-0.22%$0.098574
-1.87%$1.00
0.00%$4.56
-5.28%$2.30
-6.35%$176.99
-4.56%$4.93
-6.85%$1.054
0.02%$16.52
-4.60%$0.791754
-4.69%$29.86
-4.91%$18.53
-3.39%$1.00
-0.01%$0.082306
-1.54%$0.637478
-4.16%$9.85
-9.76%$0.02289279
-4.05%$4.42
-0.02%$0.726562
-9.34%$4.15
-3.60%$3.62
-4.79%$102,331.00
-2.42%$0.201983
-6.29%$0.293924
-7.79%$1.052
-7.19%$2.41
-6.99%$0.330772
-8.50%$110.44
-5.95%$0.184433
-3.81%$0.074168
-1.11%$0.997773
0.06%$4.34
-2.24%$2,452.49
-6.68%$0.999696
-0.06%$11.11
-0.56%$1.00
-0.05%$0.463001
-10.72%$2.00
-7.64%$154.78
-4.63%$1.21
-2.75%$0.01778943
0.07%$0.370956
-5.20%$2,776.15
-7.03%$0.00001481
-6.27%$11.49
-5.74%$3.95
-2.78%$1.68
-7.71%$2,557.60
-6.67%$0.696296
-7.64%$1.045
12.85%$1.12
-4.05%$0.606038
-4.38%$1.00
0.04%$0.999191
-0.06%$1.00
-0.01%$0.182075
-6.34%$0.058484
-2.86%$102,024.00
-2.74%$0.584916
-6.32%$0.498189
-9.73%$2,633.81
-4.25%$2,608.00
-6.82%$0.088981
-6.30%$640.52
-3.82%$102,116.00
-2.76%$0.619117
-3.37%$3,371.49
-0.09%$0.83071
-6.15%$2,571.58
-6.67%$3,387.91
-0.00%$103,183.00
-1.83%$47.39
-5.90%$0.00007986
-3.34%$163.38
-4.63%$2.28
-6.98%$0.725442
-3.99%$190.23
-4.69%$0.01567404
-5.36%$111.32
0.01%$0.770385
-12.50%$0.999969
0.00%$4.12
-0.31%$0.00000068
-2.35%$0.01365675
-5.27%$19.88
-9.13%$0.17279
-5.27%$0.263205
-4.37%$0.475013
-2.82%$32.02
-4.44%$0.997469
0.01%$0.108764
-6.28%$2.01
0.12%$101,745.00
-2.84%$0.104209
-4.99%$2.11
-2.93%$1.10
-0.01%$0.60553
-7.30%$0.00941601
-7.52%$1.10
0.84%$1.75
-5.20%$0.549958
-4.78%$0.999738
-0.02%$2,450.29
-6.75%$0.697639
-3.37%$0.349972
-4.88%$9.69
0.54%$1.55
-5.55%$2,450.81
-6.72%$1.84
-5.25%$2.87
-3.60%$2,539.02
-7.35%$0.193139
0.98%$102,403.00
-2.50%$2,611.12
-6.75%$0.263987
-4.52%$2,447.68
-6.87%$0.999801
0.07%$0.01459531
-4.55%$34.34
-2.98%$102,243.00
-2.21%$2,648.68
-6.72%$0.477661
-8.37%$0.06512
1.65%$0.04625953
-7.04%$0.050227
0.12%$0.420696
-3.87%$0.999798
0.01%$0.175002
-7.91%$1.002
0.15%$0.588292
-7.93%$1.38
-7.16%$0.126163
-6.98%$0.00420394
-10.92%$100,842.00
-2.00%$0.526171
-5.02%$14.60
-6.92%$0.00002066
-4.53%$0.492898
-8.94%$1.088
0.00%$5.78
-4.56%$0.00000041
-1.99%$0.998951
-0.74%$1.67
-1.26%$36.58
-1.46%$2,445.53
-6.77%$43.79
-1.14%$1.00
-0.00%$6.02
-7.12%$0.364025
-11.29%$0.986845
-11.60%$0.999993
0.01%$2.36
-4.42%$0.323592
-9.24%$0.378831
-4.32%$34.34
-2.85%$0.00650713
-6.18%$0.00406783
-6.88%$0.072035
-5.78%$0.01897208
-1.02%$0.0044922
-4.79%$2,588.47
-6.52%$0.0372599
-4.49%$1.27
-8.90%$0.142732
-2.08%$1.082
-6.06%$0.135174
-5.62%$0.522675
-10.07%$2,692.77
-6.93%$0.339804
-4.10%$1.22
-6.76%$0.03337268
1.26%$102,697.00
-0.65%$0.787849
-2.67%$0.00388957
-3.49%$102,417.00
-2.53%$0.070683
-7.79%$2,672.32
-6.80%$122.00
-5.99%$0.00613471
-5.64%$0.00000082
-9.30%$7.75
-14.98%$0.999686
-0.01%$0.00005768
-2.48%$19.18
-2.20%$1.001
0.03%$1.61
7.75%$2,448.69
-6.90%$1.00
0.01%$0.20202
-6.30%$0.122439
-7.74%$19.12
-5.49%$2.98
3.49%$159.16
-4.81%$2,440.69
-6.90%$0.308018
-3.89%$0.633709
-7.83%$0.00000141
-2.47%$0.301832
132.29%$0.28409
-9.47%$0.462596
-6.55%$0.604451
-7.00%$0.195801
-7.50%$1.67
-1.00%$2.25
-7.87%$0.999654
0.00%$0.00386712
-6.81%$0.00298953
-6.53%$101,701.00
-2.35%$0.999301
-0.12%Reading
It’s been an expensive week for users of the Ethereum blockchain. In the last two days one user managed to spend $5.2 million in fees to make just two transactions—and one of them was only for $130! And now, a third transaction has taken place by another user, albeit for a fee of just $500,000, which seems small in comparison.
And these absurd transactions are prompting far-fetched theories.
“The 3rd abnormal tx on ethereum with over 2000 ETH fee went [through]. Someone believes it could be a hacker's blackmail to some exchange,” tweeted NEO co-founder Da Hongfei.
“A [wild] guess [is] certain exchange/wallet/ETH services is being “kidnapped” by hacker,” speculated Primitive Crypto founding partner Dovey Wan.
But, according to China-based blockchain analytics company PeckShield, reported by Chainews, these theories aren’t so wild after all. PeckShield’s analysis explains that the million-dollar snafus were probably “gas price ransomware attacks.”
Analysis done by PeckShield on the recent two major ETH transfers. This may be a GasPrice ransomware attack launched by hackers targeting the exchange. @thomasheller_ @celiawan2 @bitentrepreneur @sallywang666 @tzhen https://t.co/ve16ImVQsl
— Minion@TokenInsight (@minionabct) June 12, 2020
In short, the researchers claim that the hackers have gained access to an exchange’s funds. They are able to send money to certain whitelisted accounts that are marked as reliable in the exchange’s database to—but not to their own. So, they are sending the funds with excessively high transaction fees to sap the exchange’s accounts, and they’re demanding a ransom if it’s going to stop.
The research is aimed at the first two transactions, that spent $5.2 million in total on fees, but it may apply to the third one too. (Since publishing the article, it appears that the third transaction may have been unrelated and caused by a separate direct hack on another exchange).
The hackers started by using a phishing attack (where they fake a website or an email to try to gain credentials) to gain some kind of access to the exchange, according to the report. It worked, they had part of the permissions to send a transaction. But there was a problem.
The exchange had a multi-signature security setting. This means that multiple keys (like passwords) are required to send the money. So, it seemed like there was nothing they could do.
An Ethereum user has accidentally sent two transactions with excessively large transaction fees in the last day. As Decrypt reported yesterday, the user paid $2.6 million in fees to send just $130 of Ethereum. A second, similar mistake happened in the last few hours. This time, the user was sending a greater amount of money, some $86,000, but still spent the same amount as a transaction fee—another $2.6 million. How could this have happened? Someone just made a $2.6 million mistake on Ethereum “...
But then they realised they could circumvent this multi-signature security with a trick: they could send to whitelisted address, because these addresses only require a single authorization to send a transaction.
Only the hackers were unable to send the money to their own accounts in this way. Instead they figured they would send a small amount of Ethereum to one of the whitelisted addresses but tack on an excessively large transaction fee. While they weren’t getting any of the money, they were costing the exchange dearly. And that gave them room to demand a ransom.
And that’s the whole gambit: the hackers will keep sending ETH from this exchange until its operators cave to their demands, PeckShield’s analysis claims.
Decrypt could not immediately reach PeckShield for comment, nor could it verify which exchange (which is undisclosed in PeckShield’s report) has been affected.
This article has been updated with a comment on the third transaction.
The creator of the Bored Ape Yacht Club wants to take control of ApeCoin, after years of distancing itself from the Ethereum token created for its ecosystem. In a new ApeCoin Improvement Proposal idea, Yuga Labs CEO and co-founder Greg Solano (aka Garga) outlined potential plans to disband the ApeCoin DAO, eliminating all governance rights for APE token holders in the process. The idea, which started gaining attention on social media earlier this week, would transition all assets and responsibil...
A new dad coached his wife through the birth of their first child on Tuesday, a baby girl they named Solana—all while joined by a group of crypto degens on the livestreaming meme coin launchpad Pump.fun, who were there, naturally, to trade the token commemorating the event. “PUUUUUSHHHH,” traders of the PREGOWIFE token spammed the chat while the woman was hours into labor. Those watching the stream could only see the ceiling of the hospital room at the time but could hear everything. Viewers tol...
The issuer for the Truth Social Bitcoin ETF submitted an application for the fund to the U.S. Securities and Exchange Commission on Thursday. The S-1 registration statement arrives two days after the New York Stock Exchange Arca submitted a 19b-4 rule change to list the exchange-traded fund. Yorkville America Digital will manage the the fund, if it receives approval. That’s the same company through which the Trump Media & Technology Group and Crypto.com plan to debut a suite of “America firs...
