$30 Million in Ethereum Stolen by Hackers–Third Incident in a Month

Just two days after the alleged hacking of CoinDash, another cryptocurrency heist occurred and this time, three companies have been attacked by an unknown hacker.

On Wednesday, smart contract coding company Parity issued a security alert via its blog. The alert warned companies that use Parity’s Ethereum Wallet software that a vulnerability had been found, apparently compromising user accounts.

Security Alert issued by Parity | Screengrab Parity

The cyber heist is the third among a series of cryptocurrency hacking incidents that occurred in less than a month.

A couple of weeks ago, South Korean digital currency exchange Bithumb was reportedly hacked, and the hackers got away with more than $1 million USD in Ether and Bitcoin. On Tuesday, CoinDash was also hacked a few minutes after its ICO launch. It was reported that the cyber thief was able to steal $7 million USD in Ether.

A ‘Bug’ That Led to the Stolen Ethereum

Parity is an Ethereum client developed by Parity Technologies, a VC-funded, UK-based company. It makes use of the Rust language, a hybrid imperative/OO/functional language with an emphasis on efficiency. Parity has a built-in Ethereum Wallet and Dapp environment.

According to the security alert released by Parity, hackers were able to access accounts due to a ‘bug’ in a particular multi-signature contract known as wallet.sol.

The bug was tagged as ‘critical’ by the company, and everyone with funds in a multi-signature wallet was advised to move their funds to a more secure address.

The vulnerability led to the theft of funds from the accounts of Swarm City, æternity blockchain, and Edgeless Casino. According to Etherscan.io, the address to which the stolen Ethereum was transferred now holds only around $18 million USD in Ether, down from the $30 million USD in reported losses.

Screengrab Etherscan.io

In a statement written in the Parity Gitter channel, Gavin Wood, founder and CTO of Parity, said:

“There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises; they will make an announcement in their own time.”

‘White Hat Hackers’ Rescued $75 Million USD Worth of Ethereum

Aside from the Ethereum stolen by the unknown hackers, another group dubbed as the White Hat Hackers took over 377,000 Ether amounting to $75 million USD from suspected bad actors and is returning the funds to their rightful owners.

Screengrab from Etherscan.io

Reports claimed that the group used the same exploit to access and drain vulnerable wallets as part of their efforts to protect the funds from the black hat hackers.

On Reddit, the White Hat Hackers wrote:

The White Hat Group were made aware of a vulnerability in a specific version of a commonly used multisig contract. This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there.

As of writing, Parity has already released an updated version of their software to fix the vulnerability.

How can cryptocurrency trading platforms offer a safer way to conduct financial transactions? Where is the threshold for theft where people stop investing in cryptocurrencies?