Perhaps the thief was hoping CoinDash would drop the investigation? Last year, CoinDash fell victim to a hack that saw 37,000 ETH of investor\u2019s funds sent to the attacker\u2019s address instead of their company\u2019s Ethereum wallet address within minutes of launching their ICO to the public in July. The attacker (or attackers) replaced the ETH wallet address on CoinDash\u2019s website to mislead investors into sending their payments to the wrong ETH address\u2014now labelled as FAKE_CoinDash, prompting CoinDash to issue urgent messages to stop more investors from falling for the trap. But alas, the damage went up to worth over $7 million (at the time). Friday last week, CoinDash published an announcement saying the thief returned 20,000 ETH from the FAKE_CoinDash account to one of the real CoinDash\u2019s ETH accounts. It can also be seen that 160 days ago\u2014in September 19, 2017, the same FAKE_CoinDash account sent 10,000 ETH back to the same CoinDash account. That brings the total to 30,000 out of 37,000 ETH returned. So what happened to the remaining 7,000 dirty ETH? Based on the FAKE_CoinDash\u2019s transaction history here, the only other outgoing transaction made by this account is to the ETH address 0x2dE74edCCe90220E99E8ceB2DF79BAf9961BF8e2\u2014which has received 488 ETH from the hacker account and has been sending (or withdrawing) funds in smaller portions to different ETH addresses. Several outgoing transactions were made about a week before the first 10,000 ETH were returned to CoinDash. See below. The mysterious decision has spurred some suspicions, including that of an inside job. Or perhaps, the perpetrator fears the investigation CoinDash said it had launched, and is returning the funds in an attempt to persuade CoinDash to drop the investigation altogether? We have yet to see what the hacker plans to do with the remaining stolen funds. Currently, Etherscan shows the blacklisted account contains 13,000 ETH, including some other tokens. It\u2019s unclear where the additional 6,000 ETH was from\u2014it could be from more victims. Despite the rough start, CoinDash CEO Alon Muroch says their scheduled launch is unaffected and will proceed as planned. \u201cSimilar to the hack itself, the hacker\u2019s actions will not prevent us from the realizing our vision, CoinDash product launch will take place next week as originally intended,\u201d says Muroch.