The Curious Case of the Very High Fees - The Daily Gwei #7


Last week, there was an Ethereum transaction that piqued the interest of the entire crypto space because it included a rather large fee of $2.6 million to move a very little amount of ETH. This was, in fact, the largest fee ever paid on the Ethereum network (in USD terms).

Immediately after I put this tweet out, many people started speculating on what the root cause of this was. Was it a “fat finger”? A hacker? A money laundering scheme? Or maybe a bot gone rogue? There were many replies but no conclusive answers as to what exactly happened (although many figured it was just an accident on the senders behalf). A few hours after the transaction was sent, the pool that mined the transaction (and received the fee), SparkPool, put out a tweet that stated that they were investigating and that was that.

Then it happened again.

Another transaction with the exact same fee (denominated in ETH) was sent from the exact same address - the only differences were the receiver address and the amount sent. This time, the transaction was mined by Bitfly’s pool and they put out a tweet asking the sender to get in contact with them.

This second transaction sent crypto twitter into a frenzy once again and the “money laundering” theory started to gain more traction as it’s highly unlikely that this would happen on accident two times in a row. Though, this theory was still met with skepticism because it seems like a very poor way of laundering money (why do it so publicly?) and how do you launder money via transaction fees without the mining pools being in on it?

Then another abnormally high transaction fee was sent. This one was actually quite different in that it came from a different address, had a different fee of lower value, and the amount sent was actually higher than the fee. It later came to light that this transaction was unrelated to the other two and was most likely a separate hack.

Then came the most interesting part of this whole ordeal. A piece from Chinese media outlet Chainnews was published that claimed (based on auditing firm PeckShield’s analysis) that the high fee transactions were probably “gas price ransomeware attacks”.

Wait, what? Yeah, that was my reaction too! As if this whole thing couldn’t get any weirder.

Decrypt then published their own piece that summarized it quite well:

“In short, the researchers claim that the hackers have gained access to an exchange’s funds. They are able to send money to certain whitelisted accounts that are marked as reliable in the exchange’s database to—but not to their own. So, they are sending the funds with excessively high transaction fees to sap the exchange’s accounts, and they’re demanding a ransom if it’s going to stop.”

Crazy, right? To my knowledge, this is the first time that this “attack” has been attempted. I haven’t seen any information on if this has been successful or not yet (and I doubt the exchange affected would announce if they paid a ransom). The high fee transactions seem to have stopped for now so we can assume that the exchange thwarted the attacker, the hackers gave up, or we’ll be seeing more of these high fee transactions over the coming days and weeks.

Bitfly announced just hours ago that they would now be distributing the fee that they mined to the miners of their pool. At time of writing, SparkPool has yet to comment on what they’ll be doing with the fee that their pool mined.

Anyway, that’s all for now, have a great day everyone!


All information presented above is for educational purposes only and should not be taken as investment advice.


Follow and Support Me