The near irreversibility of blockchain-based transactions is often heralded as one of the greatest strengths of the technology. On some days, however, it can be a double-edged sword, as revealed by an analysis of an ETH transaction that took place within the past 24 hours.
First spotted on Reddit, an entity attempting to withdraw around 5 ETH (appr. $1935) from Binance exchange sent to the funds to a known private key ETH address.
A known private key ETH address is one that the owner had stored the private key online. Hackers typically scrap the internet in search of such addresses, and then set up bots to transfer incoming and existing balances to a different address which they control.
It is to one of such addresses that the Binance ETH withdrawal was sent, with the associated bot almost immediately sending the funds to a different address. Noteworthily, the transaction spent 4.95 ETH ($1936) to send a meager 0.038 ETH (appr. $15).
Although Coinfomania has reported some high-profile errors where several million-dollar worths of ETH was spent in transaction fees, the current high-fee spending scenario is unique.
As noted by Reddit user, james_pic the fact that several bots are monitoring known private key ETH address means the one with the highest transaction fee generally wins. Therefore, even in the current case where over 99% of the value was spent on fees, the bot still got a non-zero payout ($15) for free.
The winning address for the mistaken Binance transfer currently holds a little over 1 ETH presumably amassed from mopping up small balances from various accounts with known private keys.
Key Takeaways
The biggest takeaway from the last ETH hoax is for cryptocurrency users to always double-check addresses before sending transactions since confirmed transactions are irreversible.
Secondly, it is not a safe-practice to store private keys to cryptocurrency wallets online, since hackers can easily monitor transactions and spend coins sent to associated addresses. The known private key ETH address that received the initial ETH transfer may still belong to the unknown Binance user, but unbeknownst to them was also under the watch of hackers.
