There’s a strange new twist to the Parity Ethereum wallet hacking story Wednesday in which 150,000 ETH tokens ($31 million) was stolen from three companies that had recently raised funds through an initial coin offering.

Now, so-called “white hat” hackers are claiming to have stolen an additional 377,000 ETH tokens ($85 million) for safekeeping and are promising to return the tokens to their owners at a later date.

A spokesperson using the name of “jbaylina” on Reddit claimed that “The White Hat Group” became aware of the vulnerability in the Parity “multisig” Ethereum wallet, so members “took the necessary action to drain every vulnerable multisig they could find as quickly as possible.” Providing evidence of their actions, the user also linked to an Ethereum block explorer address where the stolen, or saved, Ethereum tokens are detailed. The link shows a balance of about 377,105 ETH, proving that they have possession of the funds but not necessarily that they will return to them to their rightful owners.

“If you hold a multisig contract that was drained, please be patient. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there,” jbaylina wrote, explaining the process in which the Ethereum tokens will be returned. “We will be using the donations sent to us from The DAO Rescue to pay for gas,” he or she added, suggesting that they will be raising money for their alleged “white hat” service.

One interesting part from the Reddit post is the claim that the funds will not be returned until the vulnerability in the Parity wallets is fixed. Parity itself claims to have fixed the problem, suggesting that the hackers may have discovered another vulnerability in the code for the Ethereum multisig wallets that has not yet been publicly disclosed.

Should the putative white hat hackers return the Ethereum tokens to the rightful owners, it could be claimed that they have provided a public service and should be congratulated for doing so. That said, the idea that anyone can take money from a private Ethereum wallet under any circumstances remains a disturbing concept.

Photo: Maxpixel