Blockchain analysis company PeckShield points to Good Cycle as the victim of the three mysterious Ethereum transactions, which added $5,2 million in fees to the network's miners.
On its official Twitter account, the blockchain analysis and research firm peckshield, confirms that the mysterious and particular transactions of Ethereum were carried out by company bots Good Cycle. According to the firm, a complete trace was carried out on all transactions and movements made from the address that sent the first two transactions; whose commission fees totaled $5,2 million at the time they were made.
To test this hypothesis, the company PeckShield points out that Shipping 0,5 ETH to a Good Cycle address; and that after a few minutes, the 0,5 ETH were sent to the same address from which the two transactions were made. A fact that confirms that that address belongs to Good Cycle.
In the tweet, the research firm points out that it identified the victim of these extravagant commissions, stating that it is the Korean exchange Good Cycle.
Likewise, peckshield He pointed out that it is a small exchange that has a fairly poor security system. And it was because of this low security that the hackers were able to access the account and carry out the transactions. Although as noted in a previous report issued by this firm, the hackers were not able to take full control over the funds; this because it is multi-signature addresses. For this reason, the hackers only gained partial control that allowed them to spend the money through previously authorized addresses.
It may interest you: Possible case of extortion: the strange transactions in Ethereum are the product of an exchange or custody service hack
What we know so far
Let us remember that in recent days the Ethereum network was the cradle of 3 mysterious transactions, in which million-dollar commission fees were paid to miners. Thus, the primera y second transaction, which were the most significant in terms of commissions, were carried out through the same address, while the third, but equally strange, was carried out by another user who also paid an unusually high sum of commissions to the miners.
Thus, because of these 3 transactions that occurred consecutively on the Ethereum network, researchers from the firm PeckShield began an arduous investigation to discover if it was a human error, a case of money laundering or extortion. . So, as the investigation progresses, the firm has issued statements and reports to make its discoveries known to the cryptographic community.
In this sense, the report from PeckShield points out that these transactions are related to a case of extortion and blackmail against a cryptocurrency exchange or custody service. Now the new ones statements from the research firm point to Good Cycle as a victim of this extortion.
Even so, this exchange located in South Korea has not commented on the matter. On the other hand, the mining pool Ethermine announced which would distribute the commission received of 10.668,7 ETH among its miners. The commission for said transaction is equivalent to 2,6 million dollars. For its part, the distribution of the fee will be done fairly for all miners who participated in the extraction of the block. Thus, each miner will receive a commission according to the hash power contributed by each one at the time of extracting the block. For its part, SparkPool, the pool that mined the first transaction, will do the same regarding the miners' commission.
Details of the new report: a Ponzi scheme in trouble
The PeckShield investigation, which is still ongoing, revealed some of the group's investigative work detailing:
“We had to start from 0x12d8012 and 0xe87fda7 associated with the address 0xcdd6a2b as a preview, and do a deeper search and crawl. “We finally found that the address starting with 0xcdd6a2b belongs to a small exchange called Good Cycle in South Korea.”
Likewise, the report indicates that this exchange is possibly a Ponzi scheme, due to the way it operates and the advertisements it makes to attract more users. On the other hand, the researchers pointed out that the exchange has a fairly low security system. Therefore, it is presumed that this was the cause of the attacks of ransomware y Phishing on the platform.
“Our analysis found that the Good Cycle Exchange website is based on the HTTP protocol and does not support access to the HTTPS encryption protocol. Therefore, all confidential information is transmitted in clear text. And It is easy for hackers to carry out attacks such as phishing.”
Finally, the PeckShield report points out that since it is a Ponzi scheme, the loss of $5,2 million is “just bad luck.” Those in charge of this system are willing to keep this incident hidden; Therefore, they have not presented themselves as victims of the attack nor have they requested the return of the funds to the mining pools. PeckShield believes that if the scheme is maintained, then its managers will be able to recover much more than they lost, even hundreds of millions more.
Continue reading: Javier Pastor: The elimination of cash in Spain could boost the presence of cryptocurrencies
