Ethereum Keeps Making Hackers Rich – This Time It’s a $32 Million Heist
After a $7.4 million Ethereum hack earlier this week, another hacker has managed to steal 153,000 units of Ether, currently worth over 32 million US dollars. The hacker, whose identity is unknown, exploited a vulnerability in an Ethereum wallet client, Parity. A security flaw in Parity Wallet’s variant of the standard multi-signature (multi-sig) contract allowed the hacker to send funds from multi-sig wallets that were created with Parity clients 1.5 and later. In these wallets, multiple people each control their own key, and funds in a multi-sig Ethereum account cannot move unless a majority of owners sign with their keys.
The attack started late Tuesday and continued on Wednesday, with a total of three transactions made during that period. After Parity spotted the attack, The White Hat Group almost immediately used the same flaw to drain the rest of the money from other multi-sig Parity wallets and bring the heist to an end. The attack reportedly affected three wallets, with the victims identified as Swarm City, æternity blockchain, and Edgeless Casino.
Ethereum hack followed by “white hat wallet drains” – who are these saviors?
The White Hat Group appears to be a group of security researchers and Ethereum Project members acting as cryptocurrency saviors to protect the funds held in vulnerable wallets. They have promised that the funds they drained will be returned to their owners.
“If you hold a multisig contract that was drained, please be patient,” the group wrote. “They will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and will return your funds to you there.”
— Lefteris Karapetsas (@LefterisJP) July 19, 2017
Those who suffered from the first part of this attack by the unknown hacker will probably never see their Ether back.
Parity has reported that the vulnerability used in the latest Ethereum hack has been fixed.
Summary: A vulnerability in Parity Wallet’s variant of the standard multi-sig contract has been found.
Affected users: Any user with assets in a multi-sig wallet created in Parity Wallet prior to 19/07/17 23:14:56 CEST.
UPDATE (20/07/17, 00:26 CEST): Future multi-sig wallets created by versions of Parity are secure (Fix in the code is https://github.com/paritytech/parity/pull/6103 and the newly registered code is https://etherscan.io/tx/0x5f0846ccef8946d47f85715b7eea8fb69d3a9b9ef2d2b8abcf83983fb8d94f5f).
We have been seeing a lot of hacks focusing on Ethereum lately. At least 3 different attacks have been reported in the last three weeks. Just this week, a hacker used a very simple trick of changing the address to his own wallet during the CoinDash ICO. Earlier in July, another attacker gained control over Classic Ether Wallet to get user credentials and then exfiltrate funds from multiple wallets.
Following the latest Ethereum hack report, ETH value dropped 14%, going down from $230 to $200.