Parity wallet hacker begins laundering 150k in Ethereum after 7 years of inactivity

Hacker
who
stole
150,000
Ethereum
(ETH)
from
Parity
Multisig
Wallet
back
in
2017
has
started
laundering
the
first
batch
of
3,050
ETH.

A
hacker
who
stole
150,000
Ethereum
(ETH)
from

Parity
Multisig
Wallet
version
1.5
in
July
2017
transferred
$9
million
worth
of
ETH
to
eXch
after
seven
years
of
inactivity.
According
to
smart
contract
monitoring
service
Cyvers
Alerts,
the
hacker
initiated
the
laundering
of
3,050
ETH,
utilizing
“multiple
consolidated
addresses.”

🚨ALERT🚨
In
2017,
a
vulnerability
in
Parity
Multisig
Wallet
version
1.5+
led
to
the
theft
of
over
150K
ETH,
valued
at
approximately
$30M
USD
at
the
time.

The
hacker
behind
this
theft
has
demonstrated
remarkable
patience,
marking
a
significant
chapter
in
crypto
history.
Today,…

pic.twitter.com/JPD5nJcmrJ

—
🚨
Cyvers
Alerts
🚨
(@CyversAlerts)

May
13,
2024

The
analysts
added
that
the
hacker
still
controls
over
83,000
ETH
worth
around
$246
million
at
current
prices
stolen
from
the
2017
attack.
The
hack,
which
drained
153,037
ETH
from
three
multisignature
contracts
associated
with
Parity
Multisig
Wallet
in
2017,
highlighted
vulnerabilities
within
the
Ethereum
ecosystem.

Analysts
at
OpenZeppelin,
a
blockchain
infrastructure
platform,

suggested
at
the
time
that
the
attack
could
have
been
prevented
by
avoiding
certain
coding
practices,
such
as
using
the
“delegatecall”
function
as
a
catch-all
forwarding
mechanism.

The
analysts
also
emphasized
the
importance
of
implementing
robust
coding
patterns
and
standards
within
the
Ethereum
ecosystem
to
mitigate
such
vulnerabilities.
Failure
to
do
so,
the
firm
warned,
could
lead
to
“disastrous
consequences,”
even
from
a
seemingly
“innocent-looking
bug.”