Ethereum: Mystery solved? The DAO’s $11B hack has a new suspect

question mark ge6ec9f5ca 1280 1000x600 1

While there has been no dearth of hacks and exploits within the cryptocurrency space, one of the most infamous ones transpired in 2016. At the time, around 3.64 million Ether were siphoned off The DAO protocol. The hack remains unsolved to this day. However, crypto-journalist Laura Shin is now claiming to have uncovered new evidence from the hack. Evidence that has apparently led her to the perpetrator – an Austrian programmer named Toby Hoenisch.

In Ethereum’s heyday, The DAO was one of the few dApps operating on the network. Through massive crowdfunding, it managed to rake in millions of dollars in the form of almost 15% of Ether’s supply at the time. By the time the hack happened, this ETH was worth $249.6 million, 31% of which the hackers were able to siphon off.

At press time, these tokens are worth around $11 billion, making it the costliest crypto-exploit to ever take place.

However, the identity of the culprit may finally be out, with Shin claiming so in her latest expose for Forbes.

According to the journalist, the alleged perpetrator is none other than the CEO of TenX, a failed crypto debit card venture that raised $80 million in its ICO. Hoenisch, upon being confronted with the evidence, vehemently denied these allegations before leaving the conversation, she added.

What brought her to this conclusion was a “previously unknown” forensic tool by Chainalysis. The tool managed to de-mix some 50 BTC the presumed hacker sent to the Wasabi Wallet. These were then traced to four exchanges, out of which one confirmed that the BTC was swapped for a privacy coin called Grin and withdrawn to a Grin node called grin.toby.ai, Shin noted.

“The IP address for that node also hosted Bitcoin Lightning nodes: ln.toby.ai, lnd.ln.toby.ai, etc., and was consistent for over a year; it was not a VPN. It was hosted on Amazon Singapore. Lightning explorer 1ML showed a node at that IP called TenX.”

She further revealed that @tobyai was Hoenisch’s handle name on various online platforms. He was also based in Singapore, while the time of the cash-out transactions from the hack also matched the country’s time.

“And the email address used on that account at the exchange was [name of exchange]@toby.ai,” she added.

Furthermore, Shin also uncovered the TenX CEO’s interest in The DAO in 2016 after he made several detailed comments about potential vulnerabilities. When his concerns were not heeded, Hoenisch wrote multiple posts on Medium explaining how an attack might take place and how one can carry it out cheaply. This foreshadowed the actual exploit that took place weeks later.

When Hoenisch was presented with all this evidence and more, Shin said that he called it “factually incorrect.” He later stopped replying after assuring her he could provide contrary evidence. Finally, he also deleted most of his Twitter posts soon after.