Suspected Ethereum Exploit Drains Wallet of 121 ETH in Gas Fees

An Ethereum user just paid $158,000 in gas for a transaction. On-chain analysts believe they were exploited in some way.

Suspected Ethereum Exploit Drains Wallet of 121 ETH in Gas Fees
Shutterstock cover by Chor muang

Key Takeaways

  • Today an Ethereum user spent a record 121.56 ETH (more than $158,000) in gas fees.
  • The gas fees were pocketed by the validator that processed the transaction.
  • Blockchain security company PeckShield believes there was some kind of foul play.

Share this article

An ongoing exploit has led to more than $158,000 being extracted from an Ethereum user through an operation involving extremely high gas fees. 

Gas Fees Gamed

An Ethereum user appears to have been the victim of a new type of exploit.

According to blockchain security company PeckShield, an Ethereum user was manipulated today into paying 121.56 ETH (about $158,000 at the time of writing) in gas fees for a transaction. These fees were then pocketed by the validator that processed the transaction.

Details surrounding the exploit and how it occurred are currently unclear. PeckShield appears to believe the attack to be related in some way to MEV, which is the practice of extracting value from transactions by reordering them while a block is still being built. On Ethereum, MEV-Boost relays enable MEV strategists to arbitrage such on-chain opportunities. 

The transaction was processed by an MEV-Boost relay belonging to Flashbots, the most prominent organization within the MEV sphere, and used a block-builder from builder0x69. The validator that outsourced its block production duties to the relay, meanwhile, is affiliated with liquid staking protocol Lido. At the time of writing, however, it’s unclear which—if any—of the parties involved is responsible for manipulating the gas fee to such heights.

Twitter posts from PeckShield suggest the company believes the exploit is ongoing. Shortly after posting about its discovery, the organization further stated that 24 different addresses were “gaming for this type of rewards.” Curiously, PeckShield then specified that none of them were related to Lido, suggesting the attackers may be using a different validator than for the initial operation. PeckShield has yet to respond to a request for comment.

GBV Capital analyst Sungjae Han advanced another theory: the Ethereum user may have purposefully paid 121.56 ETH in gas and only submitted the transaction once they knew they would be the one validating it. The practice would theoretically enable the operator to launder funds through their validator business practice, only burning a small amount of ETH in the process (0.32 ETH, according to Han). However, the hypothesis fails to account for the numerous other transactions PeckShield claims to have sighted.

This story is developing and will be updated as more information surfaces.

Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and several other cryptocurrencies.

Share this article