Exclusive: Parity Hacker Claims to be an Ethereum Newbie in an Interview

November 7, 2017 3:08 pm 3

“Will i get arrested for this?” So asks a user called devops199 on parity’s developers real time public chat room, before confirming he called the “kill” transaction which wiped out the code library and froze some 500,000 eth, currently worth $150 million.

“I’m eth newbie… just learning… sending kill() destroy() to random contracts you can see my history” he publicly said.

He further told Trustnodes he was researching an article detailing the hack and theft of some 150,000 eth by exploiting a vulnerability in Parity’s Multisig Wallet this July 2017.

“I’m a newbie and reasearching over that article. I ended at that contract. I triggered the kill,” devops199 says before adding:

“I belive my kill will fail because most of my “kill” cmds were failed and parity is a big company, big heads,” he says.

“What exactly were you researching in regards to the article?,” we asked.

“I’m walking randomly becaue i’m a newbie. I even don’t know how to code,” he says. “I’m just a consultant, user interface.” He adds.

When some were joking in the public chat about him now being famous, “please stop guys… my hands are shaking,” he said. To us he stated “I’m really scared.”

We asked “some might wonder whether you were researching that article so that you can maybe try and hack some eth out in the same style?” But did not receive any further responses, including a request for any general statement he may have.

Just minutes after the library was wiped out, devops raised an issue at parity’s github titled “anyone can kill your contract.” “I accidentally killed it,” he says, before adding:

“Hello, first of all i’m not the owner of that contract. I was able to make myself the owner of that contract because its uninitialized.

These (https://pastebin.com/ejakDR1f) multi_sig wallets deployed using Parity were using the library located at “0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4” address. I made myself the owner of “0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4” contract and killed it and now when i query the dependent contracts “isowner(<any_addr>)” they all return TRUE because the delegate call made to a died contract.

I believe some one might exploit.”

He told us he did not steal anything, further publicly stating he had only 0.1 eth.

Devops provided evidence he did it by signing a message with his private key, although we have not checked the signature:

“”address”: “0xae7168deb525862f4fee37d987a971b385b96952”,
“msg”: “i’m devops199.. and i’m not malicious”,
“sig”: “0xc6b74bb99f90d19b70d989605bcaad52251184e5264ad76497556f65b7be80731a7a0ea6d5fa0ac093f49cda3c21ccd5bee9d8f0bc6efecfe1dde2e2b6932fbf1b”,
“version”: “2”
}”

 

Related posts

3
Leave a Reply

100000
3 Comment threads
0 Thread replies
1 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
  Subscribe  
newest oldest most voted
Notify of
Greg

Seems to pass? https://etherscan.io/verifySig/74

Vote Up2Vote Down  Reply
November 7, 2017 8:32 pm
Nate Welch

Note that the signed message fails etherscan verifySig: https://etherscan.io/verifySig

Vote Up0Vote Down  Reply
November 7, 2017 6:31 pm
Satoshi Nakamoto

Check out this . hilarious t-shirt with the legendary quote from Devops199 https://cryptoshirt.io/products/devops199-quote-i-accidentally-killed-it-tee

Vote Up-1Vote Down  Reply
November 10, 2017 9:06 pm