The Thief Who Stole $50 Million In Ether Can't Spend His Money

Will the hacker or hackers behind a huge heist be able to spend their bounty?


Imagine that you are a master thief, a real Danny Ocean. In your latest caper, you discover a way into the vault of a brand-new bank, one thought to be pretty much uncrackable. And then, using the bank's own state-of-the-art systems against it, you steal about $60 million. Finally, you escape — and no one knows who you are.

But there's a problem: The money you stole has to sit in escrow for a month. So you can't celebrate with a dinner at the French Laundry. Also, by the time you leave the vault, everyone knows that you stole the money and that it's in escrow — so they have 27 days to figure out a way to keep you from getting it, laundering it, and spending it.

This is basically what happened earlier this month when a hacker or hackers siphoned about a third of the money out of a state-of-the-art online investment fund called the DAO. Investors buy into the DAO — short for decentralized autonomous organization — with a year-old cryptocurrency called ether. At the time of the hack, the DAO had raised over $150 million worth of the stuff, which amounts to 15% of all ether in existence. Over the course of several hours on June 16 and 17, the hacker stole about 3.7 million Ethereum tokens from the fund. That's a large enough chunk of the total amount of ether to cause panic, and the price of the currency fell more than a quarter. Even after that crash, as of this writing, the purloined ether are still worth about $50 million.

The tricky part is, there is no way to directly withdraw from the DAO. Instead, to cash out, you have to create a so-called child DAO, a kind of escrow from which no ether can be extracted for 27 days. That gives the major stakeholders in the DAO and Ethereum a month to figure out a way to stop the hacker from ever getting their money.

"There’s been a lot of coordinated activity," said Joseph Lubin, one of the co-founders of Ethereum and the founder of ConsenSys, a blockchain technology company. He told BuzzFeed News that Ethereum developers, currency exchangers, and miners are working together to make sure the money never gets spent. "It's not going to happen," he said.

You Have to Outsmart the Bank a Second Time

In the Danny Ocean case, law enforcement's first step would be to freeze the assets in escrow, to prevent them from ever reaching the thief. But in the technolibertarian world of cryptocurrency, things aren't quite so easy. Who is law enforcement? And what are the laws? The idea behind the DAO, like the idea behind bitcoin and ether, was to create a code-based financial entity with no cops and no centralized control — meaning there's no Fed to step in during a crisis.

Ethereum, which has attracted attention from JPMorgan Chase, IBM, and Samsung, differentiates itself from bitcoin because it's more than just a cryptocurrency; instead, it is a platform for different distributed applications, of which ether (currency) and the DAO (funding) are only two. Just last month, Fred Ehrsam, the co-founder of the leading bitcoin wallet Coinbase, wrote that "Ethereum is ahead of Bitcoin in many ways and represents the bleeding edge of digital currency."

It's unclear to what extent American securities laws apply to Ethereum, or to the theft. So far the SEC has expressed "concern," and little else, over the hack. Also, major changes to the DAO are supposed to happen by consensus, per its distributed nature, or not at all. So the theft, or rather the response to the theft, poses major questions for Ethereum and for cryptocurrency in general. Namely: Is it a theft at all, or a natural consequence of the philosophy behind the currency? And if the hack forces Ethereum's applications to become more secure, is it an improvement?

Vitalik Buterin, the 22-year-old Canadian programmer who invented Ethereum, was quick to propose freezing the hacker's ill-gotten money. Known as a "soft fork," the asset freeze involves updating the Ethereum code in a way that prevents money from moving into or out of the hacker's unique address.

Sounds simple, right?

It is, sort of. The soft fork is just a basic software update. Because of the way Ethereum works, though, 51% of the cryptocurrency's nodes (basically, users) would have to update their software for the freeze to take effect. And that gives the hacker some room to come up with a bold plan.

On June 18, someone claiming to represent the hacker wrote in a DAO slack channel, “[S]oon we will have a smart contract to reward miners who oppose the soft fork ... 1 million ether + 100 btc will be shared with miners.” In other words, the hacker plans on bribing Ethereum miners with nearly a third of the stolen money if they reject the software update.

Lubin told BuzzFeed News that 85% of Ethereum miners have already agreed to accept the soft fork, and that the legitimate businesses that deal in Ethereum have too great a stake in its success to cooperate with the hacker.

"No one is going to attempt to take bribes from stolen money," Lubin said. "The implications are nightmarish, socially and legally," he said.

Congrats, You Finally Got Your Money — Now You Need to Launder It

But let's say the nightmare comes true: lots of Ethereum miners take the bribe and in a few weeks the attacker withdraws the ether from escrow. What then? Well, then they would need to launder their score, which would in this hypothetical be whittled down to 2.7 million ether, or $37 million. However, they couldn't exchange it all at once for dollars.

First of all, the currency can't be easily exchanged without affecting its price. "As soon as you start withdrawing, the value will drop precipitously," Robert Graham, CEO of Errata Security, told BuzzFeed News.

And second, many of the exchanges where the hacker could trade the ether for dollars (or more likely, bitcoin) require identification, so even if they did do business with the thief, it would unmask them.

A more feasible option, according to Philip Daian, a software engineer who researches Ethereum, would be to use an exchange that doesn't require ID, like ShapeShift, or to take the money to a Dark Web exchange and try to sell it at a discount or for more liquid goods — like, say, drugs or weapons.

"He might be able to get a million dollars out if he tried really hard," said Graham.

Today, that seems implausible. The soft fork patch has been released, and it looks likely to pass. While that would mean our master thief never gets to spend their ether, it doesn't necessarily mean they haven't already enjoyed a windfall. The Ethereum community has widely speculated that the hacker or hackers placed a short bet on the currency prior to carrying out the attack. As the value of Ethereum plunged, such a bet would have paid off handsomely. In that case, any ether the attacker is able to get from the hack itself would be a bonus.

(Regardless of whether the attacker makes any money, he or she appears to have destroyed the DAO. In a likely next step after the soft fork, a so-called hard fork would freeze the DAO and let all of its investors withdraw their initial investments. There are a number of reasons why this hard fork would happen, including loss of confidence in the DAO code by investors and the public relations damage to the Ethereum platform beyond the DAO if the hacker is allowed to keep the money.)

As a Hail Mary, Why Not Sue the Bank You Robbed?

But the hacker hasn't exhausted all their options yet: They could always sue the bank. In an open letter published to Pastebin, someone claiming to be the attacker wrote, "A soft or hard fork would amount to seizure of my legitimate and rightful ether, claimed legally through the terms of a smart contract. ... I reserve all rights to take any and all legal action against any accomplices of illegitimate theft, freezing, or seizure of my legitimate ether, and am actively working with my law firm." In the world of cryptocurrency, where code is the ultimate authority, funds gained by technical means — which is exactly how the thief pulled off the heist — are legitimate.

This is not an unpopular view. "The whole reason for cryptocurrency is to get out of the idea of the big guys manipulating the system for their own benefit," Graham told BuzzFeed News. "I hope that he wins, philosophically." Graham is right — an intervention in the DAO would favor the interests of people who have a lot of ether.

In other words, imagine our master thief suing the bank they stole money from for trying to get it back. And then, imagine the other customers applauding them for teaching the bank a lesson.

All of this means the very bureaucratic bodies that crypto-purists detest are probably going to get involved. Said Lubin, the Ethereum co-founder, "It's almost certain entities like the FBI and the SEC are going to investigate this matter."

So now imagine your single heist calling into question the very principles of the currency you've stolen. Even Danny Ocean never did that.

Joe Bernstein is a senior technology reporter for BuzzFeed News and is based in New York. Bernstein reports on and writes about the gaming industry and web culture.
