Exclusive: Parity Hacker Claims to be an Ethereum Newbie in an Interview – Trustnodes


“Will I get arrested for this?” So asks a user called devops199 in Parity’s developers’ real-time public chat room, before confirming he called the “kill” transaction which wiped out the code library and froze some 500,000 eth, currently worth $150 million.

“I’m eth newbie… just learning… sending kill() destroy() to random contracts you can see my history,” he publicly said.

He further told Trustnodes he was researching an article detailing the hack and theft of some 150,000 eth through a vulnerability in Parity’s Multisig Wallet in July 2017.

“I’m a newbie and researching over that article. I ended at that contract. I triggered the kill,” devops199 says before adding:

“I believe my kill will fail because most of my ‘kill’ cmds were failed and parity is a big company, big heads,” he says.

“What exactly were you researching in regards to the article?” we asked.

“I’m walking randomly because I’m a newbie. I even don’t know how to code,” he says. “I’m just a consultant, user interface,” he adds.

When some were joking in the public chat about him now being famous, “please stop guys… my hands are shaking,” he said. To us he stated “I’m really scared.”

We asked: “Some might wonder whether you were researching that article so that you can maybe try and hack some eth out in the same style?” We did not receive any further responses, including to a request for any general statement he may have.

Just minutes after the library was wiped out, devops199 raised an issue on Parity’s GitHub titled “anyone can kill your contract.” “I accidentally killed it,” he says, before adding:

“Hello, first of all I’m not the owner of that contract. I was able to make myself the owner of that contract because it’s uninitialized.

These (https://pastebin.com/ejakDR1f) multi_sig wallets deployed using Parity were using the library located at “0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4” address. I made myself the owner of “0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4” contract and killed it and now when I query the dependent contracts “isowner(<any_addr>)” they all return TRUE because the delegate call is made to a dead contract.

I believe someone might exploit.”
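
The mechanism described in that issue, as an added toy model in Python (not part of the original article and not Parity’s code): a shared library contract whose own storage was never initialized, a wallet that delegates to it, and a hardened variant in which the library is initialized at deployment. The names (Library, run, scenario, “alice”, “stranger”) and the mitigation shown are assumptions made for illustration.

```python
# Toy model, constructed for illustration: not EVM-accurate, not Parity's code.
class Revert(Exception):
    pass
class Account:
    """Storage at one address: an owner slot and a balance."""
    def __init__(self, owner=None, balance=0):
        self.owner, self.balance = owner, balance

class Library(Account):
    """Shared wallet logic; deployed as a contract, so it has its own storage too."""
    def __init__(self, init_at_deploy):
        # Hardened form (assumed mitigation): deployer initializes the library itself.
        super().__init__(owner="deployer" if init_at_deploy else None)
        self.has_code = True

    def init_wallet(self, store, caller):
        if store.owner is not None:
            raise Revert("already initialized")
        store.owner = caller

    def withdraw(self, store, caller, amount):
        if caller != store.owner or amount > store.balance:
            raise Revert("not allowed")
        store.balance -= amount

    def kill(self, store, caller):
        if caller != store.owner:
            raise Revert("not owner")
        if store is self:
            self.has_code = False  # self-destruct: no code left at the library address

def run(lib, name, store, *args):
    """Execute library code on `store`: the library itself for a direct call,
    a wallet for a delegate call. Returns True when the call does not revert."""
    if not lib.has_code:
        return True  # calling an address with no code succeeds and does nothing
    try:
        getattr(lib, name)(store, *args)
        return True
    except Revert:
        return False

def scenario(init_at_deploy):
    lib, wallet = Library(init_at_deploy), Account(balance=100)
    run(lib, "init_wallet", wallet, "alice")              # normal wallet setup
    took_over = run(lib, "init_wallet", lib, "stranger")  # direct call to the library
    killed = took_over and run(lib, "kill", lib, "stranger") and not lib.has_code
    ok = run(lib, "withdraw", wallet, "alice", 40)        # owner's own withdrawal
    return took_over, killed, ok, wallet.balance
```

With the uninitialized library, scenario(False) returns (True, True, True, 100): the owner’s withdrawal reports success yet moves nothing, which is the frozen state. With the library initialized at deployment, scenario(True) returns (False, False, True, 60).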

He told us he did not steal anything, further publicly stating he had only 0.1 eth.

Devops199 provided evidence he did it by signing a message with his private key, although we have not checked the signature:

"address": "0xae7168deb525862f4fee37d987a971b385b96952",
"msg": "i’m devops199.. and i’m not malicious",
"sig": "0xc6b74bb99f90d19b70d989605bcaad52251184e5264ad76497556f65b7be80731a7a0ea6d5fa0ac093f49cda3c21ccd5bee9d8f0bc6efecfe1dde2e2b6932fbf1b",
"version": "2"


Comments (3)

  1. Note that the signed message fails etherscan verifySig: https://etherscan.io/verifySig
