This is the main reason for using proof messages. Sending proof messages is a rule for this bounty but i didnt see a slot for writing proof link on application form. This explains why they chose them to attack. We can find cheater's username if we check ethereum adresses (maybe).