Possible ETH Exploit in the wild !

[Chlotide]

We've all heard of cases when a user pays too much gas fee, sometimes tens or even hundreds of ETH. Most of the times, at least in POW times, the miner would return the huge fee.

It seems that the trend did not die with the Merge.
https://cryptobriefing.com/suspected-ethereum-exploit-drains-wallet-of-121-eth-in-gas-fees/

Analysts seem to suggest an exploit of some sort.
The transaction in question is this one https://etherscan.io/tx/0x4a84d0872887f91546cd5400cf99763b654975efb3376ee55e4463bcfbca4e97 and they say there are more where this came from.

https://twitter.com/peckshield/status/1582756435955359744?t=Q-KyMcSnmAAFTnQl67WJLw&s=19

Hope it was some sort of user error, but pretty suspicios that this sort of error happened 25 times already.

[zasad@]

Interesting information.
I see sending coins to the address of the smart contract, but this story has been repeated several times. Maybe this user is trying to make an arbitrage deal, or maybe this is a mistake. But this is definitely not a hack, otherwise all the savings would be stolen.

Transaction Fee:
28.480009560324741075 Ether ($36,978.16)
https://etherscan.io/tx/0x1fcf5d42b22bf3ab4ac5ab40dbee7afe6073c227a3b83c992a1fb134cfc61c2b

Transaction Fee:
2.701563934716490675 Ether ($3,507.68)
https://etherscan.io/tx/0xbd1d7c0c827feef50208b844672e05baab894e5271e28c858b6cdbd6c80f39ea

[JeromeTash]

But this is definitely not a hack, otherwise all the savings would be stolen.

I am not technical guy but some analysists have confirmed that it's an attack of sorts where the hacker profits from returned gas fees

This tweet has some details - https://twitter.com/Supremacy_CA/status/1582789430368092160

[Chlotide]

Transaction Fee:
28.480009560324741075 Ether ($36,978.16)
https://etherscan.io/tx/0x1fcf5d42b22bf3ab4ac5ab40dbee7afe6073c227a3b83c992a1fb134cfc61c2b

Transaction Fee:
2.701563934716490675 Ether ($3,507.68)
https://etherscan.io/tx/0xbd1d7c0c827feef50208b844672e05baab894e5271e28c858b6cdbd6c80f39ea

There is something fishy here and not really sure it's arbitrage.

For the first tx you mentioned there were 43.0240199999999 ETH sent and 28.4800095603247 ETH used as fee. So the total is 71.5040295603247 ETH
For the second tx there were 4.0817743759999 ETH sent and 2.70156393471649 ETH used as fee. So the total is 6.78333831071639 ETH
Also in this tx there were 183.641931506 ETH sent and 121.563438794771 ETH used as fee. So the total is 305.205370300771 ETH

ETH sent	|	ETH fee	|	TOTAL	|	% sent from total	|	% fees from total	|	% fee from sent
4.0817743759999	|	2.70156393471649	|	6.78333831071639	|	60.173534%	|	39.826466%	|	66.186018%
43.0240199999999	|	28.4800095603247	|	71.5040295603247	|	60.170064%	|	39.829936%	|	66.195603%
183.641931506	|	121.563438794771	|	305.205370300771	|	60.169954%	|	39.830046%	|	66.195905%

The percentages are pretty similar, don't you agree ? And as we all know, coincidences do not exist !

[zasad@]

But this is definitely not a hack, otherwise all the savings would be stolen.

I am not technical guy but some analysists have confirmed that it's an attack of sorts where the hacker profits from returned gas fees

This tweet has some details - https://twitter.com/Supremacy_CA/status/1582789430368092160

When you send your money to a smart contract, you should be stopped by a high commission. In this case, the validator made a profit.
The most reliable way to interact with mart contracts is to use separate wallets that do not have a lot of money.

[Kavelj22]

Just as I don't believe these diversions are the result of a SCAM operation, I also don't think they happened by mistake. I do not expect a beginner person to complete transfers of thousands of dollars without having sufficient knowledge of how the blockchain network works with Ethereum.

The most plausible hypothesis is that one of the miners perform these operations, if we assume that they can choose the transactions on the network, and therefore they can confirm the transactions that they make themselves. I don't have enough technical experience to confirm this but I know that this is possible with Bitcoin and I don't know how compatible it is with Ethereum.