Today a new force has risen: “The Dark DAO”. If you don’t know yet what this is all about, read this and this.

Now that it has turned out that The DAO was also a huge multi-million bug bounty program — here is a quick update for those who want a visual of what happened to the network in the first hours after the draining started.

Useful information

Creator of the malicious DAO: 0x4a574510c7014e4ae985403536074abe582adfc8

Start of the drain: 2016–06–17 03:34:48 UTC, block 1718497

The malicious child DAO aka “The Dark DAO”:0x304a554a310c7e546dfe434669c62820b7d83490

Malicious token holders aka “Dark token holders”.

These are the accounts that control the malicious DAO:

0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89 0xf835a0247b0063c04ef22006ebe57c5f11977cc4

These are the accounts that control the malicious DAO: 0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89 0xf835a0247b0063c04ef22006ebe57c5f11977cc4 Curator of the malicious DAO and creator of the malicious proposal: 0xb656b2a9c3b2416437a811e07466ca712f5a5b5a

The malicious proposal from which the attack was launched:

#59, aka “lonely, so lonely”, 2016–06–08 05:38:01 UTC, before the recursion call bug went public on 2016–06–10

#59, aka “lonely, so lonely”, 2016–06–08 05:38:01 UTC, before the recursion call bug went public on 2016–06–10 Voted Yes (same as the malicious token holdes):

0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89

0xf835a0247b0063c04ef22006ebe57c5f11977cc4

0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89 0xf835a0247b0063c04ef22006ebe57c5f11977cc4 Voted No:

0xca8e11c876180c9f2115fa61fe2a1a3a6f66ebaf

0x347c28ef5487b37a8e03040653a739f19b986b2d

0xca8e11c876180c9f2115fa61fe2a1a3a6f66ebaf 0x347c28ef5487b37a8e03040653a739f19b986b2d Recipient as stated in the malicious proposal (same as curator): 0xb656b2a9c3b2416437a811e07466ca712f5a5b5a

The analysis was conducted with the help of this wonderful data source. Thank you nickjohnson!

A notice to readers

This is all happening just right now. Please don’t draw fixed conclusions too quickly. None of the accounts mentioned in this block are necessarily malicious. Also, I’m wrong sometimes. Maybe there is a mistake in the analysis. Please keep that in mind. Thank you.