Back in 2017, we learned about the biggest heist in EVE Online history (opens in new tab): A year-long inside job that ultimately made off with an estimated 1.5 triillion ISK, worth around $10,000 in real money. But now another EVE player claims to have pulled off a heist worth significantly more than that—and with significantly less work involved.
The 2017 heist, like so many of EVE's most interesting stories, relied primarily on social engineering: Investing months or years of time into grooming a target before pulling the rug out from beneath them. But redditor Flam_Hill (opens in new tab) said this job was less bloody: Instead of betrayal, this theft was dependent upon learning and exploiting the "shares mechanic" in EVE Online in order to leverage a takeover of Event Horizon Expeditionaries, a 299-member corporation that was part of the Pandemic Horde alliance.
Using a "clean account with a character with a little history," Flan_Hill and an unnamed partner applied for membership in the EHEXP corporation. After the account was accepted, Flan_Hill transferred enough of his shares in the corporation to the infiltrator to enable a call for a vote for a new CEO. The conspirators both voted yes, while nobody else in the corporation voted at all.
This was vital, because after 72 hours the two "yes" votes carried the day. The infiltrating agent was very suddenly made CEO, which was in turn used to make Flan_Hill an Event Horizon Expeditionaries director, at which point they removed all the other corporate directors and set to emptying the coffers.
They stripped 130 billion ISK from the corporate wallet, but that was only a small part of the haul: Counting all stolen assets, including multiple large ships, Flam_Hill estimated the total value of the heist at 2.23 trillion ISK, which works out to more than $22,300 in real money. ISK can't be legally cashed out of EVE Online, but it can be used to buy Plex (opens in new tab), an in-game currency used to upgrade accounts, purchase virtual goods, and activate other services.
Compared to most of EVE's high-stakes treachery, this all sounds rather mundane: A wealthy corporation was left unattended, and a couple of smart guys figured out how to leverage the game's rules to take advantage of it. Flam_Hill essentially confirmed that aspect of it in the coda to their story: "The well-being and security of a Corporation or Alliance lies in the management of its leadership, the activity of those members is paramount," they wrote. "This heist was made possible by really only two things, I had come into the shares by pure chance and EHEXP leadership barely registered a heartbeat."
The one aspect of the story that some redditors took issue with is the origin of the 1,000 shares in Event Horizon Expeditionaries that made this theft possible in the first place. Some redditors theorized that Flam_Hill is actually the long-departed founder of the corporation, who's been sitting with those shares in his personal wallet for years; others said they may have purchased a character from a member of the corporation who forget to remove the shares from their wallet before transferring ownership.
One redditor, Sgt_Dashing, said it could have been a simple mistake: "It's entirely possible during corp creation if you don't know the mechanics properly to either misclick or otherwise incorrectly handle the shares."
The one thing everyone seems to agree upon is that at the very least, the strategy is viable. It all comes down to EVE's corporation voting system (opens in new tab): Any member of a corporation holding more than 5% of the total shares can start a vote, and—this is what it really comes down to—"the option that gains more than 50% of cast votes wins the vote." This is why the inattentiveness of EHEXP membership was so vital: Flam_Hill and his partner were the only ones to vote "yes," so they had 100% of the cast votes and were thus able to seize power.
Redditor 961402 actually tested the strategy by transferring 1,000 shares in a corporation to a non-member account, who then applied and was invited to join through the standard corporate application process. The test appeared to run into a wall when the option to propose a vote didn't appear, but another redditor said it was necessary to train the character's corporate management skill to at least 1 in order to enable the option.
"That gave me the 'Run for CEO' option, and then I voted for myself," 961402 wrote. "Success! This is one of those things I love about Eve: No matter what you want to do, chances are there is some skill that you overlooked and haven't trained that's going to keep you from doing it the first time you try."
EVE Online developer CCP Games eliminated any doubt by confirming that the heist did in fact take place, although it declined to comment on the value of the theft.
What makes all of this even more surprising is that it's not a new tactic. In this Reddit thread from 2014 (opens in new tab), for instance, multiple redditors claim to have used corporate shares in ethically-dubious ways, including to force out a CEO and take over. There's a widely-held feeling that the whole shares system is, if not broken, then at least too easy to exploit: "Even their theoretically good applications can be massively (and legally) exploited by anyone with a basic willingness to poke around on the test server and see what they can and can't do," redditor Scout1Treia wrote.
So after years of backstabbing, betrayal, bloody vengeance, and boardroom skullduggery stretched out over years-long campaigns, it seems as though the biggest heist in EVE Online history has been pulled off by a guy who figure out how to apply the "no rule saying a dog can't play basketball" maxim to EVE Online. It might seem very dull and bookish by comparison, but it's a remarkable accomplishment, and I really enjoy how it demonstrates that having very granular knowledge of the rules can sometimes take you a very long way.
As redditor Intransigient put it, "This is what comes of not understanding how Corporations work in EVE."