CryptoCoinsInfoClub.com

Ethereum Hack 2017

Hacker Steals $7.4 Million In Ethereum During Coindash Ico Launch

Hacker Steals $7.4 Million In Ethereum During Coindash Ico Launch

Hacker steals $7.4 million in ethereum during CoinDash ICO launch The hack took only a few minutes but allowed the criminal to escape with millions in investor funds. A hacker has made off with roughly $7.4 million in virtual currency after pouncing during an ethereum ICO. As reported my Motherboard , the hacker took the opportunity to disrupt the Initial Coin Offering (ICO) of CoinDash , a trading platform for cryptocurrencies. On Monday, CoinDash held its Token Sale event, in which investors were meant to be able to fund apps in development with virtual currency in return for a stake in such applications in an event similar to a crowdfunding campaign. The CoinDash ICO, like many others in which cryptocurrency "tokens" (CDT) were exchanged for shares in a project, was keenly anticipated by investors. However, this time, something went terribly wrong. In a statement on its website, the platform apologized, admitting that a "hacking attack" took place during the event by an unknown perpetrator, resulting in the loss of millions in ethereum, also known as ether (ETH). Rather than conduct a complex attack on trading itself, however, the hacker employed a simple tactic. At the time of the ICO, in which CoinDash posted a string of characters which represented its wallet address for investors to send funds to, it appears that the hacker compromised the website and changed this text to a wallet they control. It was a matter of minutes before the platform realized the security breach had taken place and warned investors, but it was too late -- and now the stolen funds intended for CoinDash are simply sitting in a wallet awaiting collection. CoinDesk has pleaded with traders not to send any cryptocurrency as the Token Sale has been canceled, and the organization considers itsel Continue reading >>

Report: Hackers Stole $32 Million In Ethereum After A Parity Breach - Business Insider

Report: Hackers Stole $32 Million In Ethereum After A Parity Breach - Business Insider

Smart contract coding company Parity has issued a security alert, warning of a vulnerability in version 1.5 or later of its wallet software. So far, 150,000 ethers, worth $30 million (23 million), have been reported by the company as stolen, data confirmed by Etherscan.io . As reported by the startup , the issue is the result of a bug in a specific multi-sig contract known as wallet.sol. Data suggests the issue was mitigated, however, as 377,000 ethers that were potentially vulnerable to the issue were recovered by white hackers. Parity ranked the severity of the bug as "critical" in its public remarks, urging "any user with funds in a multi-sig wallet" move their funds to a secure address. According to Parity founder and CTO Gavin Wood , at least three ether addresses have been compromised as a result of the bug. Writing in the Parity Gitter channel, Wood said:"There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises; they will make an announcement in their own time." On social media, notable blockchain specialists are already weighing in on the situation, with Proof of Existence creator Manual Araoz suggesting that the compromised addresses could potentially belong to notable owners. Specifically, he identified Edgeless Casino, Swarm City, and ternity three recent initial coin offering projects built on ethereum as potentially having been compromised in the thefts. As of press time, Swarm City had confirmed the loss of 44,055 ETH. Edgeless Casino and ternity have not yet given any official comment. Overall, it's the latest security setback for an ethereum project in recent days, following a hack on CoinDash in which $10 million was stolen in an ICO earlier this week. Read the original article on CoinDesk . Copy Continue reading >>

Here's How To Protect Your Bitcoin And Ethereum From Hacking

Here's How To Protect Your Bitcoin And Ethereum From Hacking

Six ways to protect your bitcoin and ethereum investments from hackers Coinbase , one of the largest cryptocurrency exchanges, added about 1.9 million new users in the last two months. In the same period, Blockchain.com , the leading digital wallet to store cryptocurrencies, saw its users grow just slightly less than that. Many are newcomers, unaware of the risks and security holes in the complicated yet lucrative world of cryptocurrency, making them easy prey for hackers and cyberthiefs. One common crime that's carried out on cryptocurrency investors is the phone-porting attack . Hackers snoop around social media, looking for cryptocurrency conversations in which investors post their phone and email for easy contact. Then, posing as the victim, they call up the phone provider in an attempt to fool the customer service representative into transferring the phone number to a device they control. Once the hackers take over the phone number, they can go into the victim's cryptocurrency exchange account by resetting the password, ultimately stealing cryptocurrencies from the account. Cody Brown, a virtual reality developer, blogged about how he lost around $8,000 worth of cryptocurrencies on Coinbase in 15 minutes, triggered by a phone porting attack on his phone account. A cellphone number is not the only point of weakness. Adam Dachis , a former writer for Lifehacker, says his Coinbase account was ransacked in May by hackers who took control of his home computer, costing him $10,000 worth of cryptocurrencies. "Computer hacks, phishing attacks and cryptocurrency Ponzi schemes are all common types of cryptocurrency theft," said Jonathan Levin, co-founder of Chainalysis , an intelligence software firm that specializes in tracking and solving cryptocurrency crimes. So what's Continue reading >>

2017 Bitcoin And Ethereum Hack Due To Flawed Code, Not Flawed Currency

2017 Bitcoin And Ethereum Hack Due To Flawed Code, Not Flawed Currency

2017 Bitcoin and Ethereum Hack due to Flawed Code, not Flawed Currency In the wake of this years Bitcoin & Ethereum hacks, Edgy Labs turns to the how behind this next-gen consumer fraud and discuss crypto pitfalls. In the wake of this years Bitcoin & Ethereum hacks, Edgy Labs turns to the how behind this next-gen consumer fraud. A hack resulted in millions in Bitcoin and Ethereum being stolen recently, but this isnt because the cryptocurrencies themselves are susceptible to hacking. Rather, its due to flaws in each of these platforms code. This might seem rather familiar, since, a few months ago Bitcoin exchange company Yapizon was also hacked and over 3816.2028 Bitcoins were stolen. You may have also heard of Cloud Mining Ponzi schemes & scams such as Gawminers , Hashocean , Cointellect , Biteminer , Hashpoke , Hashinvest . Why have these advanced platforms been prone to attacks lately, while other (smaller and arguably less secure) cryptocurrency platforms have been left unaffected? Simply put, the more complex security protocols are, the less safe they become. Since codes are written and peer-reviewed by human beings there will inevitably be answers in the code. This is why simplicity and testing are the backbone of digital security. How did the 2017 Bitcoin & Ethereum Hack Happen? The 2017 Bitcoin hack was caused by a flaw in the SS7 system (and had nothing really to do with cryptocurrency itself). Ethereum is based on Bitcoin technology, but smart contracts and other features of the code improve upon Bitcoins base. This is actually the very thing that makes it susceptible to hacks: it is overly complex. Plus, Ethereum is not centralized in any physical place, but rather expands a huge, decentralized network.Moreover, Ethereum is one direction: if flawed code is pu Continue reading >>

Hackers Continue Using Simple Tricks To Make Millions In Ethereum

Hackers Continue Using Simple Tricks To Make Millions In Ethereum

Hackers take over yet another Ethereum ICO Hackers continue to target cryptocurrency projects as Etherparty has announced that its ICO website was hacked into. Criminals allegedly took over the site, changing the address for sending funds from the official address to their own. Sounds familiar? Thats because it happened to another ICO just over a couple of months ago ! Etherparty is a user-friendly smart cryptocurrency contract creation tool that was raising Ethereum to fund its development. Contributors receive tokens, similar to real-world company shares, when they participate in these Initial Coin Openings (ICOs). RelatedCryptocurrency Startup Claims Hackers Stole $31 Million in US Dollar Token (USDT) The token sale was launched on Sunday at 9am PDT and the hack reportedly occurred just 45 minutes later. Unlike some previous attacks, Etherparty detected the attack within 15 minutes and took down its website to prevent users from sending funds to the Ethereum address of hackers. However, in the world of cryptocurrency, 15 minutes may have been enough for hackers to make millions. The ICO was back on track after 95 minutes once the company investigated the issue and restored its website. Another Ethereum hack: number of victims remains unknown While the company was quick to announce the hacking attempt, it hasnt added how many people may have been impacted. Etherparty is the culmination of all our hardwork and passion, which is why we will continue to listen to community feedback while we safeguard the security and experience on our platform, the company wrote in a statement. It did add, however, that the company will becompensating all the affected contributors.In order to protect the interests of the community, we will be making it right with those that sent ETH to Continue reading >>

'$300m In Cryptocurrency' Accidentally Lost Forever Due To Bug

'$300m In Cryptocurrency' Accidentally Lost Forever Due To Bug

'$300m in cryptocurrency' accidentally lost forever due to bug User mistakenly takes control of hundreds of wallets containing cryptocurrency Ether, destroying them in a panic while trying to give them back We are analysing the situation and will release an update with further details shortly, developer Parity told users.Photograph: Thomas White/Reuters '$300m in cryptocurrency' accidentally lost forever due to bug User mistakenly takes control of hundreds of wallets containing cryptocurrency Ether, destroying them in a panic while trying to give them back Last modified on Wednesday 8 November 2017 09.25EST More than $300m of cryptocurrency has been lost after a series of bugs in a popular digital wallet service led one curious developer to accidentally take control of and then lock up the funds, according to reports. Unlike most cryptocurrency hacks, however, the money wasnt deliberately taken: it was effectively destroyed by accident. The lost money was in the form of Ether, the tradable currency that fuels the Ethereum distributed app platform, and was kept in digital multi-signature wallets built by a developer called Parity. These wallets require more than one user to enter their key before funds can be transferred. On Tuesday Parity revealed that, while fixing a bug that let hackers steal $32m out of few multi-signature wallets, it had inadvertently left a second flaw in its systems that allowed one user to become the sole owner of every single multi-signature wallet. A cryptocurrency is a form of digital asset, created through a canny combination of encryption and peer-to-peer networking. Bitcoin, the first and biggest cryptocurrency, is part of a decentralised payment network. If you own a bitcoin, you control a secret digital key which you can use to prove to Continue reading >>

Hacks, Scams And Attacks: Blockchain's 2017 Disasters

Hacks, Scams And Attacks: Blockchain's 2017 Disasters

Hacks, Scams and Attacks: Blockchain's 2017 Disasters Dec 29, 2017 at 00:00 UTC|UpdatedDec 29, 2017 at 13:30 UTC Bombarded by no shortage of unfamiliar technical terms in 2017, consumers in the blockchain sector once again proved a ripe target for hackers and criminals. But, not all hacks and scams were created equal.Some rose above the froth - either due to their size or impact - as well as what they said about the state of blockchain technology and the industry itself. Still, the impacts of these incidents were far from academic. Whether it was a simple wallet hack, fraudulent ICO or a bug in a piece of software code, investors lost millions, with nearly$490 million taken in the incidents below. So far, none of the perpetrators of these crimes has been caught or even identified, and it's questionable whether most of these funds can be found or returned. Payment and shipment startup CoinDash launched an initial coin offering (ICO) campaign early this summer, but it quickly had to pump the brakes after its ethereum address was compromised . The startup raised $7.3 million before a hacker changed the address, causing donations to go to an unknown party. The company shut down the ICO, but promised to send its native token award, CDT, to those who attempted to donate. While the company stated that donations sent after it had released its statement would not be honored, some investors continued to show support by donating to the hacked address , inadvertently raising the amount of stolen funds from $7 million to $10 million at the time. All in all, the incident showcases the growing pains experienced by ICOs, which despite raising massive amounts of funds, still had to navigate the complexities of an early-stage technology. It was a tough year for cryptocurrency wallet pro Continue reading >>

Massive Hack Hits Ethereum Parity Clients More Than $30m Of Ether Still At Large [updated]

Massive Hack Hits Ethereum Parity Clients More Than $30m Of Ether Still At Large [updated]

Massive Hack Hits Ethereum Parity Clients More Than $30M Of Ether Still At Large [UPDATED] Recently created Parity multisig wallets are still exploitable; wallets created through Geth or MyEtherWallet and single-user wallets are unaffected. White Hat hacking group saved a large amount of Ether from attack, which it intends to return to wallet holders. The White Hat Group announced that tonight it will begin returning funds rescued during the attack. If you were affected, please follow these instructions on how to re-claim your tokens. The second alleged attacker reported yesterday has been identified as independent White HatOleksii Matiiasevych. He told ETHNews about his decision to come to the communitys aid. At approximately 9:30 a.m. (Pacific Time) on July 19, 2017, a vulnerability in Ethereum clients was discovered that could allow an attacker to drain the funds of users who created multi-signature wallets wallets that require multiple private keys to activate using Parity client version 1.5 or later (released January 19, 2017). Ethereum Foundation members and Parity developers urge any users who control a multisig wallet created through a Parity node after that date to carefully and immediately move any remaining funds into another wallet that was not created with the exploit. Recommended wallets are those created with MyEtherWallet , a Geth node, or any single-user wallets created on Parity. A wallet was discovered belonging to a suspected malicious actor who had already exploited the vulnerability and stole approximately 153,000 Ether ($30.5 million) from three vulnerable wallets. Within five hours, a White Hat hacking group or hacking collective that aims to discover and operate exploitable vulnerabilities in digital products for benevolent purposes announced t Continue reading >>

A Hacker Stole $31m Of Etherhow It Happened, And What It Means Forethereum

A Hacker Stole $31m Of Etherhow It Happened, And What It Means Forethereum

A hacker stole $31M of Ether how it happened, and what it means forEthereum Yesterday, a hacker pulled off the second biggest heist in the history of digital currencies. Around 12:00 PST, an unknown attacker exploited a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. Given a couple more hours, the hacker couldve made off with over $180,000,000 from vulnerable wallets. Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did. By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $150,000,000. To prevent the hacker from robbing any more banks, the white-hats wrote software to rob all of the remaining banks in the world. Once the money was safely stolen, they began the process of returning the funds to their respective account holders. The people who had their money saved by this heroic feat are now in the process of retrieving their funds. Its an extraordinary story, and it has significant implications for the world of cryptocurrencies. Its important to understand that this exploit was not a vulnerability in Ethereum or in Parity itself. Rather, it was a vulnerability in the default smart contract code that the Parity client gives the user for deploying multi-signature wallets. This is all pretty complicated, so to make th Continue reading >>

Ethereum Worth Millions Of Dollars Gets Locked Up | Fortune

Ethereum Worth Millions Of Dollars Gets Locked Up | Fortune

An Ethereum hard fork may be in the future. Thats after a user of digital currency wallet Parity, which many use to store their Ethereum, effectively froze millions of dollars worth of the cryptocurrency on Tuesdayapparently by accident. The user accidentally triggered a flaw with an update to Paritys multi-signature wallets, according to the open-sourced wallet maker , which cut off all access to the funds they contained. This means that currently no funds can be moved out of the multi-sig wallets, Parity warned. We very much regret that yesterdays incident has caused a great deal of stress and confusion amongst our users and the community as a whole, especially with all the speculation surrounding the issue. Although its unclear how much has been cordoned off, early estimates from investors and cryptocurrency watchers put it between $150 million to $280 million. Update: To the best of our knowledge the funds are frozen & can't be moved anywhere. The total ETH circulating social media is speculative. Parity Technologies (@ParityTech) November 7, 2017 The Parity flaw, which affects versions of the wallets deployed after July 20, allowed the user to take control of a smart contract that included coded transaction instructions for multiple wallets. After making himself the owner of the contract, the user deactivated itthereby cutting off access to the ether within. (To reduce the burden on computers, Ethereum users usually deactivate the contract once theyre done with it, or self-destruct it.) The only way to re-activate the smart contract is to perform a hard fork that effectively reverses the work, wrote Patrick McCorry, a cryptocurrency researcher at University College London. Hard forks effectively create a new version of a cryptocurrency when a faction of users refu Continue reading >>

Parity's $280m Ethereum Wallet Freeze Was No Accident: It Was A Hack, Claims Angry Upstart

Parity's $280m Ethereum Wallet Freeze Was No Accident: It Was A Hack, Claims Angry Upstart

A cryptocurrency collector who was locked out of his $1m Ethereum multi-signature wallet this week by a catastrophic bug in Parity's software has claimed the blunder was not an accident it was "deliberate and fraudulent." On Tuesday, Parity confessed all of its multi-signature Ethereum wallets which each require multiple people to sign-off transactions created since July 20 were "accidentally" frozen, quite possibly permanently locking folks out of their cyber-cash collections. The digital money stores contained an estimated $280m of Ethereum; 1 ETH coin is worth about $304 right now. The wallet developer blamed a single user who, apparently, inadvertently triggered a software flaw that brought the shutters down on roughly 70 crypto-purses worldwide. That user, known as devops199 on GitHub although has since deleted their account, claimed they created a buggy wallet and tried to delete it. Thanks to a programming blunder in Parity's code, that act locked down all wallets created after July 20, when Parity updated the multi-signature wallet software following a $30m robbery . Parity calamity! Wallet code bug destroys $280 MEEELLION in Ethereum One of those now-frozen Ethereum wallets belongs to Cappasity, a startup an online marketplace for AR and VR 3D models. It says it had 3,264 ETH in the knackered Parity money store, worth about $1m at current prices, and isn't likely to get the funds back any time soon. Cappasity amassed the Ethereum from punters buying ARtokens, which can be exchanged for designs when the souk launches later this year. The biz still has access to the Bitcoins it received for ARtokens. Now Cappasity has alleged the wallet freeze was no accident: someone deliberately triggered the mass lock down, we're told, and there's evidence to prove it. By stu Continue reading >>

Ethereum's Parity Hacked, Half A Million Eth Frozen

Ethereum's Parity Hacked, Half A Million Eth Frozen

A security vulnerability in Ethereums second most popular client, Parity, has been exploited by this address earlier today. All Parity multi-sig wallets have been frozen. That includes the Polkadot ICO and may include many others totaling around 500,000 eth, worth $150 million, according to some number crunching . Following the fix for the original multi-sig issue that had been exploited on 19th of July (function visibility), a new version of the Parity Wallet library contract was deployed on 20th of July, Parity says before adding: However that code still contained another issue it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function. It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library. The code library, a sort of collection of code templates, was kind of a smart contract itself. That has now been wiped out, and with it the code functions too. Meaning multi-sig wallets (addresses that require two or three private key signatures to move) are blacked out. So the funds cant move because you cant talk to the wallets. Or at least thats what is known at this stage as the story is developing with further information to come in due time, but the big question now is whether to fork or not in order to unfreeze the funds. Bitcoin forked in 2010 after a bug was able to create billions of bitcoins out of thin air. Ethereum forked in 2016 after the then biggest smart contract was hacked. Bitcoin forked at a time when the community was far to Continue reading >>

How Coders Hacked Back To Rescue $208 Million In Ethereum

How Coders Hacked Back To Rescue $208 Million In Ethereum

Image: Shutterstock. Edited by Jason Koebler. How Coders Hacked Back to Rescue $208 Million in Ethereum "We were in the zone. We'd done this before." Image: Shutterstock. Edited by Jason Koebler. On Wednesday, an anonymous hacker (or hackers) stole $32 million worth of ethereum's cryptocurrency, ether, from three multi-signature wallets thanks to a vulnerability in the contract for the wallets. A volunteer group of coders calling themselves the White Hat Group took it upon themselves to "rescue" the funds in the other 500 vulnerable wallets before the hackers could get them. They did this by breaching the wallets using the same vulnerability as the hackers and funneling the funds into the group's own account. On Monday morning, the group was in possession of $86 million USD worth of other people's ether, and $122 million in tokensthe digital assets that are sold off in Initial Coin Offerings (ICOs), fundraising events that have raised millions in mere minutes . That's about $208 million worth of digital assets in ethereum, in total. By Monday afternoon, tens of millions of dollars worth of tokens and ether had been returned to their owners. They say they plan to give all the funds back to their owners by July 31st . This is the story of how it all happened. Alex Van de Sande didn't know what he was in for. As an interface designer for the Ethereum Foundation , the organization that leads protocol development for the eponymous cryptocurrency and app platform, he was a notable attendee at an annual ethereum workshop at Cornell University that kicked off on Monday. The last time de Sande attended, in the summer of 2016, the worst hack in ethereum's short history had just occurred: Hackers exploited a bug in the code of a crowd-directed investment fund called the DAO and s Continue reading >>

Founders Of Hacked Crypto-mining Site Apologize Over Facebook Livestream

Founders Of Hacked Crypto-mining Site Apologize Over Facebook Livestream

Founders of hacked crypto-mining site apologize over Facebook livestream Yesterday, hackers stole $64 million from NiceHash, a company that lets users apply their extra GPUs to mining cryptocurrencies. The attack caused NiceHash to shut down its website for 24 hours, as the sites payment system was compromised and its bitcoin wallets emptied. Today, CEO Marko Kobal and co-founder Sasa Coh appeared on a Facebook livestream to address user concerns. I see various kinds of emojis down there, Kobal said at the start of the livestream, as users made their complaints heard. Numerous viewers said Kobal and Coh looked guilty, and some voiced suspicion of an inside job. The Slovenia-based company, founded in 2014, has paid out over a billion dollars to miners over the last three years, according to its founders. That success, Kobal said, was what drew the wrong kind of attention to NiceHash. Unfortunately, we became a target and someone really wanted to bring us down, he said in the six minute livestream. Law enforcement and cybersecurity experts are working with NiceHash to pinpoint the total amount of cryptocurrency stolen and how exactly the system was compromised. Kobal said that about 4,700 bitcoins were stolen on December 6th and that a hacker or a group of hackers with an IP address outside of Europe accessed NiceHash computers. Through that access, the hacker(s) obtained a NiceHash engineers credentials and used them to access the payment system. The hack comes during a particularly volatile moment: today, bitcoin prices momentarily soared past $19,000 on some exchanges, after weeks of unprecedented growth. It was a highly sophisticated attack, said Kobal, who said that he could share more in the coming days. Many livestream viewers asked in comments whether the company Continue reading >>

Ethereum Hack: A Coding Error Led To $30 Million In Ethereum Being Stolen Quartz

Ethereum Hack: A Coding Error Led To $30 Million In Ethereum Being Stolen Quartz

The perils of a blockchains immutable transactions was brought home yesterday as some $30 million in ether was stolen due to a bug in the code of a well known ethereum wallet. It could have been worse: an additional $75 million was at risk because of the same coding fault, but a group of vigilante hackers rescued those funds and are promising to give them back to their owners. The ether was grabbed from the wallets of at least three projects that had recently completed so-called initial coin offerings (ICOs). More worryingly for ICO boosters, the vigilante hackerswho call themselves The White Hat Group saved funds from wallets belonging to some of the biggest coin offerings to date. The bug has now been fixed . Those wallets required multiple people to sign off on transactions, which were supposed to make them more secure. They were favored by businesses over individual users for that reason. The bug could have been catastrophic, given the nearly $1.3 billion raised in ICOs during the first half of this year. Even more galling: the theft came after $7 million was stolen from another ICO, called CoinDash, just days ago. That theft was enabled by a simple trick, rather than any issue with the wallet software or ethereums code: Hackers replaced the legitimate ethereum wallet address listed on the CoinDash website with one belonging to the hackers. The $30 million heist is the latest embarrassing, and costly, episode caused by an ethereum coding snafu. The offending code had a single missing word, according to one longtime ethereum programmer, Christoph Jentzsch. The parity wallet bug: Continue reading >>

More in ethereum