Hackers strike ethereum again, slink away with over $30 million

If the theft of over $7 million in ethereum this week during an ICO wasn’t enough to cause a headache for advocates of the cryptocurrency, only two days later, another attack has allegedly resulted in the loss of at least $30 million.


Ethereum, also known as ether (ETH), is a kind of cryptocurrency which was recently part of an Initial Coin Offering (ICO) over at CoinDash.

The virtual currency was intended for use by investors to fund apps and services on the trading platform, but at the time the ICO was launched, a hacker allegedly compromised the CoinDash website to make off with a minimum of $7.4 million.

The attack took only minutes and the switch of a wallet address posted on the CoinDash website to one the alleged perpetrator controlled, but the damage was done — leaving investors millions out of pocket and CoinDash in serious trouble.

Ethereum traders may still be reeling from this incident, but less than 48 hours later, another alleged attack has taken place.

According to coding service Parity , a vulnerability exists in the latest 1.5 version and later of its software which acts as the backbone of cryptocurrency wallets.

The critical flaw, discovered in a specific multi-sig contract called wallet.sol, has resulted in at least three wallets being compromised and the loss of approximately $31 million dollars’ worth of ethereum.

If you have a multi-sig wallet, you should check to see if your stash of ethereum is still there.

However, if the wallet comes up empty, not all may be lost — as white hat researchers from Parity have attempted to mitigate the issue by draining every vulnerable wallet they could find into temporary holding wallets which are not vulnerable to the exploit.

So far, 377,000 in ethereum has been recovered in this way, amounting to over $77 million at the time of writing.

One of the victims, cryptocurrency commerce platform Swarm City, has acknowledged the company is one of the victims. In a statement, Swarm City said 44,055 ETH has been lost, which equates to approximately $9 million.

The company also named the two other victims as Edgeless Casino and Aeternity , both organizations of which have confirmed the loss of ethereum.

Edgeless Casino has lost roughly $5.6 million, and Aeternity has lost close to $17 million.

Ethereum traders on Reddit have suggested the attack was made possible through nothing more than a trivial programming error, rather than a sophisticated technique or security workaround.

See also: Cisco among the 34 new members of Enterprise Ethereum Alliance

“If you hold a multisig contract that was drained, please be patient,” the researchers posted on Etherscan . “They will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and will return your funds to you there.”

Parity warned users of the issue in a security advisory , which has now been updated to show future editions of the wallet software have been patched against the bug and likely will be released soon.

您可能感兴趣的

黑客找到了入侵取款机的新方法 入侵自动取款机,在本地给它们注入恶意软件听起来很不错,不过,当你被安全警卫抓起来扔进监狱的时候,可能就没那么有趣了。正因如此,现在,越来越多的网络罪犯不再选择亲自动手。 在最新的网络威胁报告中,Trend Micro公司的研究人员强调,针对ATM机的网络攻击越来越多,这家跨国安全软件公...
【安全帮】黑客侵入网上商城窃7万余元获刑 自称“替天行道”... 摘要: FTC发电信诈骗警告:近几月已有21位华人被骗250万美元联邦贸易委员会(FTC)上周向生活在美国的华人社区发布警告,称近期发现了多起伪装成中国大使馆的诈骗电话。这些诈骗内容五花八门,有的是要求收件人都中国领事馆办公室领取包裹或文件,有的是提供人民币兑换美元服... FTC发电信诈...
Promoting myself in a Hacker Con I'm giving a speech in September in Valencia, Spain, about Internet Censorship and how to fight against it . But the event itself is a huge opportuni...
行业如何运用直播成就黑客式增长? // 这篇是我在七牛直播云发布会上进行分享的演讲稿。 大家好,我是《增长黑客》的作者,跟七牛团队很熟了,加上本身也是一名正在用七牛云服务的创业者,今天受邀来站台做这个分享,跟国内资深媒体人和电竞大神畅谈直播的格局和未来,十分荣幸。今天我分享的主题叫《行业如何运用直播成就黑客式增长》。 ...
Are Computer Hackers Days Numbered? New Server Fro... Software 2307 New Z series mainframes will take some beating. IBM claim the 14th generation of its Z series mainframes can encrypt 12 billio...
ZDNet Security Blog责编内容来自:ZDNet Security Blog (源链) | 更多关于

阅读提示:酷辣虫无法对本内容的真实性提供任何保证,请自行验证并承担相关的风险与后果!
本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » Hackers strike ethereum again, slink away with over $30 million



专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录