Somebody is repeatedly sending out Ethereum transactions worth of $100 with $2,500,000 fee. The most likely explanation, by Occam's razor, is that an exchange has a broken hardware wallet device or custody solution.

When checking the address on EtherScan it seems to be associated with Bithumb, a Korean exchange based on the To: address of the transaction that seems to be a user deposit address to Bithumb hot wallet. One fee mistake could be explained by a programming error. But now it has happened more than once, it is likely that it is no longer a mistake.

It is not anti-money laundering as a crook would not want to draw the attention of all the Ethereum world to the transactions with the highest fees ever. Also the transactions were broadcasted to the Ethereum public mempool, not privately broadcasted to a miner. Different mining pools picked up the transactions, mined them and received the fees.

Then the next likely explanation is that the exchange has lost access to its wallet, either by stupidy or by malice. Often exchanges use special devices or custody providers to ensure the security of their wallet, from provides like Ledger Vault or BitGo. In this case, it sounds like the wallet has been either partially hacked or misconfigured. Also it would not be the first time the exchange loses their paper backups, it also happened with New Zealand Cryptopia exchange that could not restore the access to their own wallet after a hack.

  1. A malicious party has control over the exchange hardware wallet and is draining with super fee transactions and trying to blackmail the exchange
  2. The exchange itself programmed the device permanently to have a too low withdrawal limit. These hardware devices have a way to lock the admin out if you are not careful - that makes them secure. If this happened the only way for the exchange to get money our from their wallet is to make super high transaction fee transactions and then beg Ethereum mining pools to give back their money.

Pick your favourite with Hanlon's razor: Never attribute to malice that which is adequately explained by stupidity.


Send any feedback and comments by replying the Twitter thread.

About the author

Mikko Ohtamaa
Mikko Ohtamaa

Mikko Ohtamaa is the CTO of Capitalgram. He has been working with fintech and blockchain companies since 2013. He has helped several companies to bootstrap and now focuses on building smarter capital markets.

Read full bio LinkedIn Twitter