A little-known South Korean peer-to-peer crypto exchange Good Cycle is behind the last week’s high-fee Ethereum transactions, according to blockchain analytics and security firm PeckShield.
PeckShield said Good Cycle appears to be a Ponzi project and could be easily hacked because of its security flaws: the exchange's website uses HTTP protocol instead of HTTPS.
Good Cycle has also confirmed on its website that it suffered “repeated” hacks. Moreover, the exchange has now sent two transactions to Ethermine and SparkPool with a message that says: “I am the sender.”
Last week, two high-fee Ethereum transactions took place in which the sender spent around $5 million. Mining pools Ethermine and SparkPool each facilitated one of the strange transactions. Initially, they both waited for the sender to reach out. On June 15, Ethermine distributed the fees to miners. SparkPool had said it would do the same once a deadline of June 17 at 15:30 (GMT+8) had passed.
Since Good Cycle contacted SparkPool via the new transaction before this time limit, it remains unclear what the mining pool would decide now. The Block has reached out to both SparkPool and Ethermine and will update this story should we hear back.
It also remains unclear who hacked Good Cycle and might have also blackmailed the exchange. Last week, Ethereum creator Vitalik Buterin explained the blackmail theory: “Hackers captured partial access to exchange key; they can't withdraw but can send no-effect txs with any gasprice. So they threaten to ‘burn’ all funds via txfees unless compensated.”