Here’s how the Parity Ethereum hacker is cashing out his funds


If you were around in 2017, you likely remember the Parity wallet hack.

Here’s some context if you don’t.

Parity is an Ethereum infrastructure provider that was in 2017 known for its multi-signature wallet. Multisig is a technology that requires multiple key holders to sign off on transactions to verify them, preventing the stealing of one key to lead to the loss of all funds.

A Parity version was bugged that allowed an attacker to drain 153,037 ETH from three high-profile multisig addresses:

“Today, we witnessed the second largest hack, in terms of ETH stolen, in the history of the Ethereum network. As of 12:19 pm UTC,  had drained 153,037 ETH from three high-profile multi-signature contracts used to store funds from past token sales. The problem was initially reported by the Parity team, since the affected MultiSig wallet contract was part of the Parity software suite.”

What happened was that there was a bug that allowed anyone to obtain “exclusive ownership of the MultiSig” and could thus move the funds once they obtained control of it.

150,000 ETH was worth around $30 million as of the time of the hack and around $115 million now.

While many of the funds were previously cashed out through instant swap tools that allowed them to launder their funds through other networks, these tools became unavailable as more stringent KYC/AML regulations were implemented.

This led to a period where the attacker did not cash out his funds.

But now, they have begun to move their Ethereum again.

Here’s how they’re cashing out their funds.

How the Parity hacker is moving their Ethereum

All of the Parity hacker’s addresses are tagged, leaving them with little opportunity to cash out their funds via a centralized exchange.

This raises the question, what can they do.

According to crypto research Igor Igamberdiev, what the individual or group is doing is swapping their Ethereum into RenBitcoin (RenBTC) via decentralized exchanges (take Uniswap, for instance),  then withdrawing those RenBTC to their own Bitcoin addresses.

From there, they can mix their funds using “mixer” services, then attempt to cash them out.

That is much more decentralized and private than the Tornado Cash solution, which may find it difficult to correctly hide the originations of millions of dollars worth of Ethereum.

One address cashed out a handful of RenBTC, though the rest of the hacked funds are inactive for some reason.

Like what you see? Subscribe for daily updates.





Source link

Latest articles

Jack Dorsey’s Square has ‘no plans’ to purchase more Bitcoin ‘at this point’

Digital payments company Square, led by Twitter CEO Jack Dorsey, decided to hit the brakes—at least for the time being—on Bitcoin...

Bitfinex hacker will need 114 years to launder $7 billion worth of stolen Bitcoin

Only 4% of nearly 120,000 Bitcoin (around $7 billion today) stolen by a hacker from crypto exchange Bitfinex in 2016 have...

This firm turned an old power plant into Bitcoin farm—and mined $60 million in a year

Over the past few years, private equity firm Atlas Holdings has created arguably the most ambitious and self-sufficient Bitcoin mining facility...

Mark Cuban reaffirms Bitcoin plans after Tesla snub sparks concerns

Billionaire ‘Shark Tank’ star Mark Cuban said today that Dallas Mavericks, the Cuban-owned NBA basketball team, will continue to accept Bitcoin...

Related articles

Leave a reply

Please enter your comment!
Please enter your name here