Hackers Continue Copy-Pasting Simple Tricks to Make Millions in Ethereum Hacks

Author Photo
Oct 3, 2017
11Shares
Submit

Hackers continue to target cryptocurrency projects as Etherparty has announced that its ICO website was hacked into. Criminals allegedly took over the site, changing the address for sending funds from the official address to their own. Sounds familiar? That’s because it happened to another ICO just over a couple of months ago!

ICOs on the hitlist?

Etherparty is a user-friendly smart cryptocurrency contract creation tool that was raising Ethereum to fund its development. Contributors receive tokens, similar to real-world company shares, when they participate in these Initial Coin Openings (ICOs).

tether-usdtRelatedCryptocurrency Startup Claims Hackers Stole $31 Million in US Dollar Token (USDT)

The token sale was launched on Sunday at 9am PDT and the hack reportedly occurred just 45 minutes later. Unlike some previous attacks, Etherparty detected the attack within 15 minutes and took down its website to prevent users from sending funds to the Ethereum address of hackers. However, in the world of cryptocurrency, 15 minutes may have been enough for hackers to make millions. The ICO was back on track after 95 minutes once the company investigated the issue and restored its website.

Another Ethereum hack: number of victims remains unknown

While the company was quick to announce the hacking attempt, it hasn’t added how many people may have been impacted. “Etherparty is the culmination of all our hardwork and passion, which is why we will continue to listen to community feedback while we safeguard the security and experience on our platform,” the company wrote in a statement.

It did add, however, that the company will be compensating all the affected contributors. “In order to protect the interests of the community, we will be making it right with those that sent ETH to the hacked address by reviewing transactions sent before 10 A.M. and sending them corresponding FUEL after Oct. 29, 2017.”

While ICOs continue to be famous for bringing companies huge amounts of money, the US Securities and Exchange Commission (SEC) is currently looking into regulating these efforts as many ICOs offer huge returns while having no actual product, scamming contributors for millions of dollars. The lack of security measures taken by these companies when dealing with millions of dollars is another troubling sign as hackers just need to use simple tricks – like using dumped passwords – to hijack websites.

ethereum-multi-sig-walletsRelatedThe Case of Frozen Ethereum: Wallet Company Knew About the Flaw for Months But Delayed the Patch

This is only one of the latest reports of hacking attempts targeting ICOs, creating concerns among the community over the legitimacy of these efforts. The CoinDash ICO was hacked in the exact same way when hackers changed the wallet address to their own, making over $7 million worth of Ethereum. Veritaseum and Enigma Project platform were then attacked making their hackers over $8.4 million and $475,000, respectively, while a security flaw had enabled a hacker to pull off a $32 million heist.

Source: FM

Submit