The identity of the hacker of The DAO finally revealed? This is what Laura Shin, a journalist specializing in the world of blockchain, promises after several years of investigation alongside Chainalysis. The opportunity to return to this event that could have changed the history of the famous blockchain Ethereum (ETH).
A name on the hacker of The DAO?
It may well be that the light is finally shed on the origin of the hack of “The DAO”, which could well have brought to its knees the second largest blockchain of the entire ecosystem, Ethereum (ETH).
Journalist and author Laura Shin, who specializes in the world of blockchain, led a long investigation alongside the data analysis company Chainalysis in order to track down the person who would be responsible for this dark page in the history of Ethereum.
According to this investigation, it seems that the culprit is Toby Hoenisch, a 36-year-old man who grew up in Australia and was living in Singapore at the time of the hack.
However, the man is not unknown to the general public. Indeed, he is one of the co-founders of TenX, a project that managed to raise $80 million to develop a credit card service dedicated to cryptocurrencies. This never got past the project stage as it was eventually abandoned.
In order to find out more, the reporter reached out to Toby Hoenisch to share her investigations, to which he reportedly simply replied, “Your statement and conclusion are factually incorrect.”
Back to the event
Let’s go back to 2016: a smart contract by the name of “The DAO” was attracting all eyes at the time, when the world of blockchain was (very) far from being as vast and varied as it is today. In concrete terms, “The DAO” was a fundraiser open to the general public and hosted on the Ethereum blockchain, during which participants were given governance tokens to decide the future of the projects listed there.
Slock.it, the company behind this idea, expected The DAO to raise around 5 million dollars, far from imagining the success that awaited it.
Everything went quickly: the public sale started on April 30th and raised 9 million dollars in just 48 hours. Within a month, The DAO owned 15% of all the Ether available on the market. On June 17, Ether printed a price of $21.52, bringing the value of The DAO to $249.6 million.
But the joy quickly gave way to dismay. The team behind The DAO began to realize that Ether was being drained bit by bit on the same day. Within hours, 31% of the Ether had already been stolen, and the price of the cryptocurrency had dropped by 33%.
A decision had to be made quickly to avoid disaster, and that’s when Ethereum experienced its now famous first hard fork under the name “DAO Fork”, becoming the blockchain we know today.
A few months later, the attacker turned his ETCs (the name of the ETH on Ethereum Classic following the hard fork) into Bitcoins (BTC) on the ShapeShift exchange, and the story remained there.
New clarifications
6 years later, we learn from this investigation that Chainalysis would have developed a tool to track cryptocurrencies that have passed through mixing solutions.
Today, many hackers use this tool through different platforms such as Tornado Cash, which was notably used during the hack of the Meter bridge at the beginning of the month. These protocols allow to “mix” the different funds that are deposited in order to make them untraceable, which allows hackers to keep a certain anonymity.
Thanks to this tool developed by Chainalysis, the journalist was able to realize that the attacker had used Wasabi Wallet, a wallet using this method, to store his BTC on 4 different addresses.
Then, the hacker would have used the different wallets to transform his BTC into GRIN tokens via a Grin node bearing the address “grin.toby.ai”.
Little by little, it would have been possible for Laura Shin to trace the addresses of the nodes used, which always ended in “.ai”. Even worse: one of the addresses was directly associated with TenX.
But that’s not all. According to Laura Shin, Toby Hoenisch used the handle “@tobyai” on many social networks including Twitter and Reddit, and even his email address had the same ending. He also used this same address to communicate with an employee of Slock.it in order to tell him about the flaws he had found in The DAO’s system some time before the attack.
It remains to be seen whether a new investigation will be conducted by the authorities following the appearance of these new and rather disturbing elements and now that the person responsible seems to have been clearly identified.