There have been up to 3 transactions lately that incurred millions of dollars as transaction fees on the Ethereum network. Vitalik, the creator has commented on this saying he thinks this could be blackmail.
In a tweet he released on 12th June, he said :
So the million-dollar txfees *may* actually be blackmail.
He further gave his theory of what he believes happened.
“Hackers captured partial access to exchange key; they can’t withdraw but can send no-effect txs with any gasprice. So they threaten to ‘burn’ all funds via txfees unless compensated.”
Vitalik also added that this could happen to “Scorched earth” games, he said
Similar situations could happen in “scorched earth” games, including scorched-earth vaults aka “Moeser-Eyal-Sirer” vaults @el33th4xor @ittayeyal, as well as scenarios where hackers can slash but not steal staked funds @drakefjustin @dankrad
Others
The 3rd abnormal tx on ethereum with over 2000 ETH fee went [through]. Someone believes it could be a hacker’s blackmail to some exchange,” twitted NEO Co founder Da Hong fei
Also, Primitive Crypto founding partner Dovey Wan speculated
PACKSHIELD
Packshield, a China based blockchain analytics company has explained the outrageous fees to be “gas price Ransomware attack”
The research claims that hackers might have gained access to exchange funds but are not able to transfer these funds out to their personal wallets. They can only move these funds within a range of white listed addresses on the database, so they decide to move a small amount of funds with very high fees, probably to clear off the exchanges funds if a ransom isn’t paid to them.
How they got in
The report believes they started off by using a phishing attacks to gain access to the exchange. They got in but only to find out that the exchange and a multi-signature security setting. This means that for funds to out, it will require more than just one individual or password to do so. They found out sending funds to white listed address on the database was possible since this only required a single authorization to do so, hence the transactions.
The hackers might continue doing this until the exchange pays a ransom or maybe not…..