CryptoCoinsInfoClub.com

Ethereum Hack White Hat

Ethereum Developers Launch White Hat Counter-attack On The Dao

Ethereum Developers Launch White Hat Counter-attack On The Dao

Ethereum Developers Launch White Hat Counter-Attack on The DAO Jun 21, 2016 at 20:14 UTC|UpdatedJun 22, 2016 at 14:21 UTC Reports are emerging that members of the ethereum development community are moving funds from The DAO in attempt to stifle a new alleged attack. Developer Alex Van de Sande, lead designer for the Ethereum Foundation, took to Twitter to announce the move, which came shortly after word emerged on social media that more funds were being siphoned from contracts associated with The DAO. He said that theactionis a response to a new exploitation of The DAO's smart contract code, which comes days after millions of dollars worth of ether were taken from contracts associated with project. The address being used by Ethereum's developerscan be found here , and at press time, it had amassed more than 4methers, worth approximately $48m. However, funds from The DAO have also been sent to this address , though whether it istied tothe alleged attack or is involved with the ethereum developer efforts is unclear. At the time of this writing, that address had amassedmore than $140k worth of ethers. A third address has also amassed funds from The DAO, collecting roughly $820,000 at press time. The move to drain the DAO comes amid continued debate among ethereum community members about whether to fork the network in an attempt to thwart those behind last week's attack. Van de Sande did not immediately respond to a request for comment. The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies . CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. Continue reading >>

$30 Million: Ether Reported Stolen Due To Parity Wallet Breach - Coindesk

$30 Million: Ether Reported Stolen Due To Parity Wallet Breach - Coindesk

$30 Million: Ether Reported Stolen Due to Parity Wallet Breach Smart contract coding company Parity has issued a security alert, warning of a vulnerability in version 1.5 or later of its wallet software. So far, 150,000 ethers, worth $30 million, have been reported by the company as stolen, data confirmed by Etherscan.io . As reported by the startup , the issue is the result of a bug in a specific multi-signature contract known as wallet.sol. Data suggests the issue was mitigated, however, as377,000 ethers that were potentially vulnerable to the issue were recovered by white hat hackers. Parity ranked the severity of the bug as "critical" in its public remarks, urging "any user with funds in a multi-sig wallet"move their funds to a secure address. According to Parity founder and CTO Gavin Wood , at least three ether addresses have been compromised as a result of the bug. Writing in the Parity Gitter channel, Wood said: "There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises; they will make an announcement in their own time." On social media, notable blockchain specialists are already weighing in on the situation, with Proof of Existence creator Manual Araoz suggesting that the compromised addresses could potentially belong to notable owners. Specifically, he identified Edgeless Casino, Swarm City, and ternity three recent initial coin offering projects built on ethereum as potentially having been compromised in the thefts. Asof press time, Swarm City had confirmed the loss of 44,055 ETH.Edgeless Casino and ternityhave not yet given any official comment. Overall, it's the latest security setback for an ethereum project in recent days, following a hack on CoinDash in which $10 million was stolen in an ICO earlier Continue reading >>

White Hats Step In To Save Funds From Vulnerable Ether Wallets

White Hats Step In To Save Funds From Vulnerable Ether Wallets

White Hats Step In to Save Funds from Vulnerable Ether Wallets At 11:30 a.m. (CDT) on July 19, 2017, a hacker managed to steal 153,000 ETH (approximately $32 million at the time) from three Ethereum wallets by exploiting a vulnerability within the wallets' multi-signature verification. The affected wallets include the ones using Parity client version 1.5 or later. According to a tweet by Project Lead Manuel Aroz, the three multisig wallets first targeted by the hack were using Parity client version 1.5 or later, and included Edgeless Casino, Swarm City and ternity Blockchain. However, Project Blocktix also reported a loss totaling 3,916 ETH. According to ETHNews , Blocktix.io was hit by a second attacker who exploited the same vulnerability. A Swarm City blog post revealed that a group of white hat hackers managed to secure the remaining funds from the affected ETH wallets using the same exploit. The swift response of the white hat hackers allowed them to secure the funds of other vulnerable projects. Unfortunately, funds in the wallets of Edgeless Casino, Swarm City and ternity Blockchain are completely lost, though the white hat response team managed to secure 6,272 of 10,188 ETH at Blocktix.io. The White Hat Group announced on Reddit that they will create another multisig for you [the affected users] that has the same settings as your [the users] old multisig but with the vulnerability removed and we will return your [the users] funds to you [the users]. The response team warned the Reddit community to be careful with donation addresses below their post since there are a lot of phishers in the community right now. On July 19, Parity Technologies published a critical security alert stating there was a vulnerability connected to Parity Wallets. The users affected by t Continue reading >>

Ethereum Hack: A Coding Error Led To $30 Million In Ethereum Being Stolen Quartz

Ethereum Hack: A Coding Error Led To $30 Million In Ethereum Being Stolen Quartz

The perils of a blockchains immutable transactions was brought home yesterday as some $30 million in ether was stolen due to a bug in the code of a well known ethereum wallet. It could have been worse: an additional $75 million was at risk because of the same coding fault, but a group of vigilante hackers rescued those funds and are promising to give them back to their owners. The ether was grabbed from the wallets of at least three projects that had recently completed so-called initial coin offerings (ICOs). More worryingly for ICO boosters, the vigilante hackerswho call themselves The White Hat Group saved funds from wallets belonging to some of the biggest coin offerings to date. The bug has now been fixed . Those wallets required multiple people to sign off on transactions, which were supposed to make them more secure. They were favored by businesses over individual users for that reason. The bug could have been catastrophic, given the nearly $1.3 billion raised in ICOs during the first half of this year. Even more galling: the theft came after $7 million was stolen from another ICO, called CoinDash, just days ago. That theft was enabled by a simple trick, rather than any issue with the wallet software or ethereums code: Hackers replaced the legitimate ethereum wallet address listed on the CoinDash website with one belonging to the hackers. The $30 million heist is the latest embarrassing, and costly, episode caused by an ethereum coding snafu. The offending code had a single missing word, according to one longtime ethereum programmer, Christoph Jentzsch. The parity wallet bug: Continue reading >>

White Hats Steal Ethereum To 'save' Users After Hack

White Hats Steal Ethereum To 'save' Users After Hack

White hats steal Ethereum to 'save' users after hack Updated: Over 153,000 ETH stolen from three accounts. Holders ofthe Ethereum cryptocurrency are nervously waiting to see if millions of dollars drained by white hats in a protection effort will be returned, after attackersstole A$39 million from three victims. Attackers exploited a vulnerability in the Parity multi-signature wallet this week to steal 153,037 Ethereum from three accounts belonging tocryptocurrency trading platform Swarm City , Edgeless Casino , andthe Aeternity project . The currency is trading at approximately US$203 per Ethereum coin, bringing the value of the stolen funds to over US$31 million (A$39 million). To stop any more Ethereum from being stolen via the vulnerability, Parity employees - who dubbed themselves the White Hat Group - drained other vulnerable wallets of 377,000 Ethereum and put it into a safe address . "This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible,"Reddit /r/ethereum forum moderator Jordi Baylina wrote. "If you hold a multisig contract that was drained, please be patient. We are creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there." He said once the group had finished its work it would be "like nothing happened". Parity Technologies sent out a critical security alert for its multi-signature wallet, advising people to immediately move assets to a secure address. Updated to clarify White Hat Group's involvement. Continue reading >>

Hackers Steal $34 Million In Second Ethereum Cryptocurrency Theft This Week

Hackers Steal $34 Million In Second Ethereum Cryptocurrency Theft This Week

Hackers steal $34 million in second Ethereum cryptocurrency theft this week One of the most popular cryptocurrencies in the world is drawing increased attention from hackers, or at least that has been the case this week. For the second time in a span of just three days, hackers have been able to make off with millions of dollars worth of Ethereum, leaving vigilante white hat hackers scrambling to prevent further theft. In this latest robbery, the hacking group (or individual hacker, we don't know yet) exploited a vulnerability in Parity, a digital wallet service where cryptocurrency miners can store their Ethereum. In doing so, the hackers were able to swipe over 153,000 Ether worth approximately $34 million from three separate multi-signature Ethereum wallets, according to the most recent estimates . Following the latest heist, Parity founder Gavin Wood issued a critical security notice to users. "A vulnerability in Parity Wallet's variant of the standard multi-sig contract has been found," Wood wrote. He goes on to advise users to "immediately move assets contained in the multi-sig wallet to a secure address." In the meantime, white hat hackers have been able to siphon some 377,015 Ether worth more than $85 million to prevent further loss. "White hat group(s) were made aware of a vulnerability in a specific version of a commonly used multi-sig contract. This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multi-sig they could find as quickly as possible," the White Hat Group stated on Reddit . Those funds will be issued back to their owners after the group is able to create another multi-sig for each individual with the same settings as before, minus the vulnerability that made theft possible in the first place. This Continue reading >>

Breaking: Hacker Steals $32 Million In Ethereum From 3 Multisig Wallets

Breaking: Hacker Steals $32 Million In Ethereum From 3 Multisig Wallets

This Privacy Policy sets out how Finance Magnates LTD uses and protects any information that you give Finance Magnates LTD when you use this website. If you continue to browse or use this website and/or any of its affiliated websites and/or services you are agreeing to comply with and be bound by the following Privacy Policy, which together with our Terms and Conditions (link) govern Finance Magnates LTDs relationship with you/This privacy notice applies to any Finance Magnates LTD websites, applications, services, or tools (collectively "Services") where this privacy notice is referenced, regardless of how you access or use them, including through mobile devices.Please review carefully the entire website's Privacy Policy before agreeing to it. By viewing or using this website or any part of it, you agree to the complete Privacy Policy of this website.The term "Finance Magnates LTD", "this website", "the website", "us" or "we" refers to the owner of the website. The term "you" refers to the user or viewer of the website. Finance Magnates LTD is committed to ensuring that your privacy is protected as provided in this Privacy Policy. Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this Privacy Policy. Personal Information is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. We do not consider person Continue reading >>

We Spoke To The Hackers Who Stole $85 Million In Ethereum To Save It

We Spoke To The Hackers Who Stole $85 Million In Ethereum To Save It

Deciding to steal $85 million worth of cryptocurrency isn't something to take lightly. For the members of the White Hat Group, however, it seemed to be the only move left. On July 19, the loose collection of hackers and cryptocurrency experts were alerted to the theft of $32 million worth of ether the so-called money unit of Ethereum and realized that if they didn't act quickly the losses would spread. An hour and fifteen minutes later they started hacking. SEE ALSO: These hackers stole $85 million in Ether to save it from *the real crooks* (or so they say) However, this isn't your typical cryptocurrency heist story. Because instead of lining their own pockets, the White Hat Group was allegedly taking the money in order to prevent it from getting stolen by a malicious hacker planning to return the ether to its rightful owners as soon as the vulnerable wallets that allowed the heist could be repaired. "I'm like Commissioner Gordon and Jordi is like Batman." And returned it they have. The group began the process of repatriating the funds on July 24, and as of the time of this writing has sent back approximately $60 million worth. That's $60 million that just a few days ago was at risk of being stolen and never seen again, but now is back in the metaphorical hands of its owners. For this, the WHG has been hailed as mysterious heroes by members of the cryptocurrency scene. But the question still remains: Who are they, really? Could the WHG truly just be do-gooders trying to make the world a better place, or is something sinister going on? For once, this is a story with a happy ending. A conversation with Mashable suggested the WHG consists of cryptocurrency true-believers trying to do the right thing for a community they hold dear. But, thankfully, that strong sense of pur Continue reading >>

'white Hat' Hackers Claim They Stole $85m In Ethereum Tokens For Safekeeping - Siliconangle

'white Hat' Hackers Claim They Stole $85m In Ethereum Tokens For Safekeeping - Siliconangle

Theres a strange new twist to the Parity Ethereum wallet hacking story Wednesday in which 150,000 ETH tokens ($31 million) was stolen from three companies that had recently raised funds through an initial coin offering. Now, so-called white hat hackers are claiming to have stolen an additional377,000 ETH tokens ($85 million) for safekeeping and are promising to return the tokens to their owners at a later date. A spokesperson using the name of jbaylina on Reddit claimed that The White Hat Group became aware of the vulnerability in the Parity multisig Ethereum wallet, so members took the necessary action to drain every vulnerable multisig they could find as quickly as possible. Providing evidence of their actions, the user also linked to an Ethereum block exploreraddress where the stolen, or saved, Ethereum tokens are detailed. The link shows a balance of about 377,105ETH, proving that they have possession of the funds but not necessarily that they will return to them to their rightful owners. If you hold a multisig contract that was drained, please be patient. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there, jbaylina wrote, explaining the process in which the Ethereum tokens will be returned. We will be using the donations sent to us from The DAO Rescue to pay for gas, he or she added, suggesting that they will be raising money for their alleged white hat service. One interesting part from the Reddit post is the claim that the funds will not be returned until the vulnerability in the Parity wallets is fixed. Parity itself claims to have fixed the problem, suggesting that the hackers may have discovered another vulnerability in the code for the Ethe Continue reading >>

More Than $100m Drained In Multisig Hack As White Hats Ridein

More Than $100m Drained In Multisig Hack As White Hats Ridein

Founder, Token Report. Director of Market Research, New Alchemy. More Than $100M Drained in Multisig Hack as White Hats Ridein This post went out earlier today for subscribers to our investor newsletter covering novel crypto assets. Sign up for the next issue , here . At least 153,000 ETH (32 million USD) is reported missing from multi-signature wallets provided by Parity Technologies, a London- and Berlin-based blockchain technology company, Wednesday. A vulnerability reportedly allowed a hacker to siphon ether away from addresses that held funds using the wallet. After the reported theft, another group of hackers removed over 377,000 ETH (77 million USD) in what they say is a white-hat effort to protect funds exposed in vulnerable wallets. Parity confirmed the vulnerability in a short blog post , and advised users to transfer funds out of its wallets. Multi-signature, or multisig, wallets like Paritys require more than one key to authorize blockchain transactions and are used to collaborate on cryptocurrency and blockchain projects. The Parity hack appears to be the second largest heist of the digital currency Ethereum, topped only by the 2016 hack into The DAO, which exposed 50 million USD worth of contributors coin. Peter Vessenes, managing director of New Alchemy, a blockchain technology company, pointed to a vulnerability in Paritys multisig wallet, now patched, that allowed any user to go in and reset a wallets owners. (Disclosure: Vessenes is the lead investor in Token Report.) Blockchain developer Santiago Palladino, of Zeppelin, a smart contract platform technology provider, went further in a later post , explaining in detail how hackers were able to reset ownership. Palladino explained that the opening lay inside a function Parity put in place to allow extra Continue reading >>

Meet The Unknown, Maverick White Hat Who Rescued Additional Accounts During This Weeks Attack [updated]

Meet The Unknown, Maverick White Hat Who Rescued Additional Accounts During This Weeks Attack [updated]

Meet The Unknown, Maverick White Hat Who Rescued Additional Accounts During This Weeks Attack [UPDATED] Acting almost instinctually, the unaffiliated Ukrainian EDCC engineer took it upon himself to secure vulnerable wallets and return them to their rightful owners in the Ethereum community. At around 11:00 p.m. Eastern European time on July 19, 2017, Oleksii Matiiasevych was winding up a long day, working on some lingering tasks for his Ukrainian blockchain groups. Specifically, Matiiasevych who is the executable distributed code contract ( EDCC ) architect at Ambisafe and advisor to Polybius Bank was distributing some remaining balances according to the bounty program that his companies provide. He had just sent out the last bounty when a slack message came in from a co-worker that linked to a single Tweet from Manuel Aroz of OpenZepplin: Someone stole ~$32M (~153k ether) from three multisig wallets. More info and blog post coming soon. Like every curious Etherean, Matiiasevych immediately located the hacked addresses on the Ethereum blockchain. Comparing the affected contracts, it took Matiiasevych all of four minutes to discover the flaw a bug in the widely used Parity clients multi-sig wallets that some have called the most obvious bug in the history of Ethereum and recognize how an attacker could exploit it to transmit funds from those wallets to their own. He quickly searched for other addresses built on the faulty Parity code, only to discover they had already been drained as well. The news was quickly saturating the ecosystem. In a community of developers, it was likely that others could discover the same vulnerability once they were tipped off on where to look. At the time, whether the party draining these wallets was the same attacker or another party running Continue reading >>

A Hacker Stole $31m Of Etherhow It Happened, And What It Means Forethereum

A Hacker Stole $31m Of Etherhow It Happened, And What It Means Forethereum

A hacker stole $31M of Ether how it happened, and what it means forEthereum Yesterday, a hacker pulled off the second biggest heist in the history of digital currencies. Around 12:00 PST, an unknown attacker exploited a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. Given a couple more hours, the hacker couldve made off with over $180,000,000 from vulnerable wallets. Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did. By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $150,000,000. To prevent the hacker from robbing any more banks, the white-hats wrote software to rob all of the remaining banks in the world. Once the money was safely stolen, they began the process of returning the funds to their respective account holders. The people who had their money saved by this heroic feat are now in the process of retrieving their funds. Its an extraordinary story, and it has significant implications for the world of cryptocurrencies. Its important to understand that this exploit was not a vulnerability in Ethereum or in Parity itself. Rather, it was a vulnerability in the default smart contract code that the Parity client gives the user for deploying multi-signature wallets. This is all pretty complicated, so to make th Continue reading >>

Parity Hack: White Hat Group Drains $85 Mln As Company Fills Holes

Parity Hack: White Hat Group Drains $85 Mln As Company Fills Holes

Parity Hack: White Hat Group Drains $85 Mln As Company Fills Holes Gavin Woods Parity is still not in the clear after a hacker drained $35 mln from its customers wallets. The $34 mln Ethereum hack from Gavin Woods Parity client continues Thursday amid desperate attempts to secure funds. As reports began surfacing on social media of a multimillion dollar compromise to Parity, an official blog post subsequently confirmed a security alert, the effects of which are ongoing. STOP USING ETHEREUM Pierre Rochard (@pierre_rochard) July 19, 2017 Multiple news outlets reported the loss of Parity ETH, with the latest estimates suggesting more than 150,000 coins ($33,853,000) are missing. Wood, who along with Vitalik Buterin was one of the co-founders of Ethereum, said efforts were still being made to contain any future risk. "There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises; they will make an announcement in their own time, he wrote on Paritys Gitter channel quoted by Business Insider today. Customers affected by hackers exploiting a wallet vulnerability include P2P sharing economy startup Swarm City, which yesterday signaled the loss of almost 45,000 ETH (10,155,000). A white hat hacker group subsequently drained other Parity wallets to protect funds worth 377,105 ETH ($85,108,000). The attack was initially thought only to affect version 1.5 of Paritys wallet software and higher. However, the company appears to have retracted the statement, crossing out the information in its original blog post. Continue reading >>

How Coders Hacked Back To Rescue $208 Million In Ethereum

How Coders Hacked Back To Rescue $208 Million In Ethereum

Image: Shutterstock. Edited by Jason Koebler. How Coders Hacked Back to Rescue $208 Million in Ethereum "We were in the zone. We'd done this before." Image: Shutterstock. Edited by Jason Koebler. On Wednesday, an anonymous hacker (or hackers) stole $32 million worth of ethereum's cryptocurrency, ether, from three multi-signature wallets thanks to a vulnerability in the contract for the wallets. A volunteer group of coders calling themselves the White Hat Group took it upon themselves to "rescue" the funds in the other 500 vulnerable wallets before the hackers could get them. They did this by breaching the wallets using the same vulnerability as the hackers and funneling the funds into the group's own account. On Monday morning, the group was in possession of $86 million USD worth of other people's ether, and $122 million in tokensthe digital assets that are sold off in Initial Coin Offerings (ICOs), fundraising events that have raised millions in mere minutes . That's about $208 million worth of digital assets in ethereum, in total. By Monday afternoon, tens of millions of dollars worth of tokens and ether had been returned to their owners. They say they plan to give all the funds back to their owners by July 31st . This is the story of how it all happened. Alex Van de Sande didn't know what he was in for. As an interface designer for the Ethereum Foundation , the organization that leads protocol development for the eponymous cryptocurrency and app platform, he was a notable attendee at an annual ethereum workshop at Cornell University that kicked off on Monday. The last time de Sande attended, in the summer of 2016, the worst hack in ethereum's short history had just occurred: Hackers exploited a bug in the code of a crowd-directed investment fund called the DAO and s Continue reading >>

Hackers Seize $32 Million In Ethereum In Parity Wallet Breach

Hackers Seize $32 Million In Ethereum In Parity Wallet Breach

Hackers Seize $32 Million in Ethereum in Parity Wallet Breach Get exclusive analysis and cryptocurrency insights on Hacked.com for just $39 per month. Parity Technologies has issued a critical security alert for their popular multi-signature wallet software following an apparent breach. The development team urged users holding ether in multi-sig contract wallets version 1.5 or later to immediately transfer their tokens to a secure address. The breach only affects multi-sig wallets; normal wallets appear to be safe. MULTI-SIG wallets in Parity Wallet have a little "wallet" tag in upper right corner. Normal wallets don't have the tag & are NOT at risk! pic.twitter.com/0AaCnppLzp According to Etherscan.io , the hacker(s) absconded with more than 153,000 ether, worth more than $32 million at the current exchange rate ($213 per CoinMarketCap).The Parity wallet hack comes just days after CoinDash had to cancel its much-hyped ICO following a $10 million hack . Its worth noting that the DAO hack which ultimately resulted in an Ethereum blockchain splitnetted hackers $50 million in tokens at the time. The Parity Hackers Wallet Contains 153,000 ether, according to Etherscan.io. Non-ether tokens held in multi-sig wallets are also subject to the vulnerability, but the hacker only stole a small amount of one tokenFUCKcoin. News of the hack quickly spread throughout the cryptocurrency ecosystem, and Ethereum projects storing funds in Parity multi-sig wallets scrambled to see if their funds had been compromised. Swarm City confirmed they had lost more than 44,000 ETH in the breach and revealed that funds held by Edgeless Casino and Aeternity had fallen prey to the hacker as well. Others, such as CivicKey CEO Vinny Lingham, breathed a sigh of relief after finding their tokens were saf Continue reading >>

More in ethereum