ENS Domain Hacker Returns His Loot In Exchange for Compensation

smiling hacker

Last Updated on

One would think that hackers go about their business without thinking about those whom they harm. However, there are instances every now and then which prove that these cyber-hitmen could have a change of heart. 

Earlier this month, a hacker who was able to successfully pilfer up to 17 domain names in the recent auction conducted by the Ethereum Name Service (ENS) decided to give them all back. Sources have revealed that the names have all been returned, and that proper bidding on the names will begin shortly. 

An auction gone wrong

The entire case began in September, when the ENS auction began. It was to be run by digital collectibles marketplace OpenSea, and prospective buyers were set to place bids for several domain names on the network. 

However, OpenSea announced about a week ago that several domain names set to be auctioned been stolen by an anonymous hacker. The domain names included apple.eth, defi.eth, wallet.eth, and pay.eth, and according to the release by OpenSea, there was no way to get them back. 

As an alternative to the DNS Internet domain standard, ENS operates on the Ethereum blockchain, and unlike domain names on the DNS, ENS names can’t be forcibly retrieved once a party has gotten them. 

Further issues with that auction process affected some other domain names (including holds.eth and bitmex.eth), as bids for them were incorrectly processed. However, none of those domains were stolen. Taking full responsibility for the theft, OpenSea went on to promise rewards to the hacker in exchange for returning the domains. According to the release:

“We appreciate the work you’ve done exposing vulnerabilities in the auction system. To compensate for the work you’ve done to expose these vulnerabilities, we’re prepared to offer you 25% of the winning bid price of each name you return. We’ll also refund your purchase price.”

It’s unclear whether or not the promise of compensation was what spurred this hacker to send back the stolen domains, or whether he or she just did it out of the goodness of their hearts. Regardless, the domains are back, and bids on them are expected to resume shortly. 

Hackers with a heart of gold

This is not the first time that such a heel turn was recorded in the crypto space. On January 7, the Ethereum Classic blockchain suffered a 51 percent attack, which led to the loss of about $500,000 in ETC and a loss of about 120 percent of the cryptocurrency’s value.

However, about three days later, cryptocurrency exchange Gate.io announced in a blog post that about $100,000 of those stolen coins had been mysteriously returned. 

The exchange confirmed in its blog post that it had made multiple attempts to contact the hacker, as they were at least hoping to understand the reason for the sudden change of heart. While many have seen the occurrence as a demonstration of the inherent flaw in Poof-of-Work blockchains, Gate.io opined that this could have been a white-hat hacker who was making a statement.

The post stated, “We still don’t know the reason. If the attacker didn’t run it for profit, he might be a white hacker who wanted to remind people the risks in blockchain consensus and hashing power security.” 

Remember, all trading carries risk. Views expressed are those of the writers only. Past performance is no guarantee of future results. The opinions expressed in this Site do not constitute investment advice and independent financial advice should be sought where appropriate. This website is free for you to use but we may receive commission from the companies we feature on this site.

About Jimmy Aki

Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system.