Here’s who paid $5.2 million in Ethereum fees last week

Researchers at blockchain analytics platform PeckShield have found out who owns the Ethereum address that, for some reason, paid $5.2 million in fees to send just two transactions last week. They have identified the owner as a small, peer-to-peer crypto exchange in Korea, called Good Cycle, and suggest that it could be operating a Ponzi scheme.

“Update: We have identified the victim, a small P2P exchange in Korea called Good Cycle, which appears to be a Ponzi Scheme project. Our investigation found that their security is really lacking, e.g., using HTTP instead of HTTPS, and could be easily hacked,” PeckShield tweeted today.

PeckShield’s vice president of research, Chiachih Wu, added that they sent a transaction of 0.5 ETH to the exchange, which swiftly got picked up and sent to the address that made the two huge transaction fees. This, they say, demonstrates that the address belongs to the exchange.

The $5.2 million in Ethereum fees

Last week, two mysterious transactions were made that forced blockchain data companies to check their data wasn’t corrupted. While normal Ethereum transaction fees are around $0.17 per transaction, these two transactions both spent $2.6 million in fees; one of the transactions was to send just $100 in Ethereum.

While many first thought the transaction was a bug, the second transaction muddied the waters even further. PeckShield was the first to report that it may be an exchange wallet—and that the exchange may have been targeted by blackmailers.

“So the million-dollar txfees may actually be blackmail. The theory: hackers captured partial access to exchange key; they can't withdraw but can send no-effect txs with any gas price. So they threaten to "burn" all funds via tx fees unless compensated,” Ethereum co-founder Vitalik Buterin tweeted about the research.

Then ZenGo cryptocurrency wallet researcher Alex Manuskin posted a response claiming that blackmail was unlikely. He doubled down on the idea that an automated system went wrong and accidentally sent the inordinate transaction fees.

Either way, the victim, which now appears to be Good Cycle, never came forward to claim the transaction fees. They have now been distributed out to miners.