Laura Shin, a cryptocurrency journalist and host of the Unchained podcast, claimed to have uncovered the identity of the individual behind an exploit that drained over 3.6 million Ether from German startup Slock.it’s The DAO in 2016.
According to an article published Tuesday by Bloomberg, Shin claims that she had “extremely strong evidence” that Mimo Capital co-founder Toby Hoenisch was responsible for withdrawing over 3.6 million Ether (ETH) from the DAO in June 2016, or about 50 million dollars at the time. An unknown hacker used an exploit to drain around a third of the DAO’s ETH supply, forcing developers to fork the network and leaving the illicit funds in what became known as the Ethereum Classic (ETC) blockchain.
With the publication of my book today, I can finally announce: during the writing of my book, my sources and I believe that we have discovered the identity of the 2016 Ethereum hacker DAO.
— Laura Shin (@laurashin) February 22, 2022
Shin’s research conducted with Ethereum developer Alex Van de Sande and blockchain analytics firm Chainalysis alleged that Hoenisch knew about the exploit weeks before the attack on June 17, 2016. According to Van de Sande , the pirate used Shapeshift crypto exchange to convert the stolen ETC – after the hard fork – into Bitcoin (BTC). They believe the attacker then uses the Wasabi crypto wallet to mix BTC, four “different central exchanges” to further launder funds, and finally the privacy-focused cryptocurrency Grin “for more privacy.”
Chainalysis said it was able to unmix crypto transactions and trace funds back to exchanges which then received the tokens in accounts allegedly managed by Hoenisch. The company added that “this is yet another example of evidence being held on the blockchain forever”.
“I have no pity for Toby Hoenisch, if he really is the guy”, noted Van de Sande. “It’s been a stressful time for all of us, we’ve seen almost everything we had fractured and fall off.”
The co-founder of Mimo Capital would have refuse Shin’s allegations, calling his findings “factually inaccurate.” In Mimo’s Telegram on Tuesday, community manager Thomas Reinhardt said Hoenisch had “played no active role in the day-to-day operations” of the platform since its inception.
“The contents of these accusations are as surprising to us as they are to the community, and we remain committed to providing the best and most secure Euro stablecoin DeFi platform for our users,” Reinhardt said.
Had the developers not acted to fork the network, the original 3.6 million ETH tokens would have been worth over $9 billion at press time. However, with the price of ETC around 10% of that of ETH, the stolen funds are estimated to be around $94 million.
“I imagine a number of people who have used [Wasabi] for illicit purposes do not feel safe today,” Shin said. “This can make them wonder if blockchain forensics will catch up with them later on, even if they are using the latest cryptographic obfuscation techniques today.”