The Ethereum holder who paid $5.2 million in fees for just two transactions is a small peer-to-peer exchange in Korea, according to PeckShield, a blockchain security firm.
The exchange, called Good Cycle, is also likely a Ponzi scheme project that got hacked due to poor security standards, PeckShield reports.
“We have identified the victim, a small P2P exchange in Korea called Good Cycle, which appears to be a Ponzi Scheme project. Our investigation found that their security is really lacking, e.g., using HTTP instead of HTTPS, and could be easily hacked.”
Speculation abounded in the Ethereum community after Good Cycle – then an unknown whale – transferred $133.82 in ETH for a fee of $2.6 million on June 10th and then another 350 ETH worth $86,929.50 for a $2.6 million fee the following day.
Chiachih Wu, the research vice president at PeckShield, says the firm was able to identify the exchange as the owner of the ETH after registering an account, depositing 0.5 ETH into the given deposit address, and then tracking the funds.
PeckShield also reported to ChainNews that the gigantic transaction fees are likely the work of a “GasPrice blackmail attack.”
Explains Ethereum co-creator Vitalik Buterin,
“So the million-dollar txfees *may* actually be blackmail. The theory: hackers captured partial access to exchange key; they can’t withdraw but can send no-effect txs with any gasprice. So they threaten to ‘burn’ all funds via txfees unless compensated.”
The recent $5.2 million in fees for the two relatively small ETH transfers triggered alerts by the two mining pools, SparkPool and Bitfly, that confirmed the transactions. Since both pools are powered by a team of distributed miners, the operators took some time to investigate what went wrong.
But four days after the 350 ETH transaction, Bitfly announced that it would be distributing the $2.6 million transaction fee to the miners in their pool because the sender had yet to contact them.
Featured image: Shutterstock/alphaspirit