In the past few days, a user managed to spend $ 5.2 million in fees, made in only two transactions, and one of them was only for $ 130. And now, another user has made a third transaction, though for a fee of only $ 500.000. What, then, Ethereum (ETH) has been hacked?
First he ran the voice through Telegram, according to Steven Zheng of The Block. In the same way, a manager of a group of Telegram he noticed that there was a problem with the Balancer, a protocol DeFi focused on facilitating the exchange of tokens.
Making reference to the fact that Ethereum has been hacked, Zheng, was one of the first to spread the news, posting a tweet: “Apparently, someone drained a Balancer Pool composed by WETH and STA and escaped with $ 500k in WETH“.
Hours after the tweet of Zheng, the attack was confirmed by the exchange decentralized based on Ethereum, 1inch and Mike McDonald, co-founder of Balancer Labs.
Ethereum has been hacked for $ 5.2 million
Meanwhile, the investigation of the exchange discovered that the attacker used a smart contract to manipulate Balancer:
“These funds were used to exchange token WETH to STA a and again 24 times.”
For its part, 1inch, has classified the attacker as a “engineer of smart contract very sophisticated, with a wide knowledge and understanding of the main protocols of DeFi“.
Regarding this, Larry Sukernik, an investor in Digital Currency Group, argued that the products DeFi are too complicated:
“An extremely high iq can be a hindrance to building successful products. You get people with a big brain that need to be put to work“.
“And when you get to work, the result is often a complex product, brilliant, but incredibly unusable”.
Theory of Vitalik Buterin with respect to that Ethereum has been hacked
In recent weeks, according to what described by Vitalikthe increase in transaction fees in the network Ethereum has caused quite a stir. It should be emphasized, that three transactions of Ethereum relatively minor was sent for a fee of millions of dollars.
- The first transaction was recorded on the 10th of June and paid an amount of $ 2.6 million in fees to send 0,55 ETH.
- On the 11th of June occurred a second transaction, they sent 350 ETH, approximately $ 86.000, for a transaction fee of $ 2.6 million. Is more, the community still thought that this was a mistake.
- On the 13th of June, it registered another third transaction, 3.221 ETH, was sent for a fee of 2,300 ETH. Completely eliminating the speculation that it was a mistake. Without a doubt, the clues indicate something worse than what you initially supposed.
It is important to note that an analysis carried out by Glassnode indicated, that the second transaction came from the same direction as the first. In addition, the research firm also determined that the fee for the second transaction was identical to the first.
At this point, there were speculation that it could be a hack and blackmail, as stated by the research firm Peckshield. According to them, the exchange was the victim of a phishing attack, and one or more computer hackers got partial access to the keys of the platform.
The research of PeckShield
The company analysis Blockchain PeckShieldnotes to Good Cycle as the victim of the three mysterious transactions of Ethereum, which totaled $ 5.2 million in commissions.
In his official Twitter account, confirms that the mysterious transactions of Ethereum were made by bots of the company Good Cycle.
According to the firm, we conducted a tracking of all the transactions made from the address that sent the first two transactions.
To verify this hypothesis, the firm PeckShield points out that he sent 0,5 ETH to an address of Good Cycle, and after a few minutes, the 0.5 ETH were sent to the same address from which you made the two transactions.
Likewise, PeckShield indicated that it is a small exchange with a security system is quite poor. And that it was because of this poor security that hackers were able to access the account and perform transactions.
The audit of Ethereum has been completed
In summary, the researchers PeckShield, they claim that the computer hackers have gained access to the funds of Ethereum. What is most remarkable is that, they can send money to certain accounts from the list that are marked as trusted in the database of the exchange, but not to theirs.