On Wednesday, cybercriminals stole away 150,000 ether tokens that is worth around $30 million. Ether is a digital currency similar to bitcoin.
According to data from Etherscan. around 153,000 tokens were taken by hackers. From commerce platform Swarm City, 44,055 tokens were stolen. according to Swarm City communications officer Matthew Carano, the theft was noticed at 12:30 p.m. ET on Wednesday. At today's price for ether, the stolen tokens are worth around $32.6 million.
"We alerted the Ethereum Foundation and multiple developer groups immediately. Together, we were able to determine that malicious actors had exploited a flaw in the Parity Multisig code, which allowed a known party to steal over 153,000 ether from several projects including Edgeless Casino, Aeternity, and Swarm City," Carano said in a blog post.
Confirmation pf theft of 82,000 ether was given by Aeternity in a blog post. According to Coindesk data, ether’s price fell from around $235 to $196 once the hack came to light. Since the lowest it has recovered slightly to $213.
Parity, a software developer which produces a web browser allowing users to interact with the Ethereum blockchain network and buy and sell cryptocurrencies including ether, later released a critical security alert.
A digital wallet for users to keep their funds is produced by Parity. multisignature technology, that requires another user to sign a transaction before it is added to the blockchain, adds to the security and can be used by these wallets.
However, hackers exploited a vulnerability in the multisignature wallet's code.
Telling users with Parity's multisignature wallets to move their funds to somewhere secure, a security alert was issued by Gavin Wood, founder and CTO of Parity.
"There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises," Wood said on Gitter, an instant messaging chatroom, on Wednesday.
Parity reported it had released an update to fix the coding issue and future wallets are secure around midnight on Wednesday.
"White hat" hackers in the Ethereum community were able to save more than 377,000 ether tokens by taking them from affected wallets, when the vulnerability issue came to light.
"If you hold a multisig contract that was drained, please be patient. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there," the group published on Reddit.
On Monday, another $7 million worth of ether tokens were stolen.
The hack has serious ramifications and caused the ether price to dip, says Tyler Moffitt, senior threat research analyst at cybersecurity firm Webroot.
"The key takeaway from this hack is that we're still exploring the Ethereum space and wallet security is more important than ever. As a threat researcher, I personally recommend hardware or native wallets (desktop wallets); they are the most secure, as you are in control of any transaction," he said.
"Do not store lots of currency in exchanges that control your private address. Only use them to make trades then back out to safe addresses."
(Source:www.cnbc.com)
According to data from Etherscan. around 153,000 tokens were taken by hackers. From commerce platform Swarm City, 44,055 tokens were stolen. according to Swarm City communications officer Matthew Carano, the theft was noticed at 12:30 p.m. ET on Wednesday. At today's price for ether, the stolen tokens are worth around $32.6 million.
"We alerted the Ethereum Foundation and multiple developer groups immediately. Together, we were able to determine that malicious actors had exploited a flaw in the Parity Multisig code, which allowed a known party to steal over 153,000 ether from several projects including Edgeless Casino, Aeternity, and Swarm City," Carano said in a blog post.
Confirmation pf theft of 82,000 ether was given by Aeternity in a blog post. According to Coindesk data, ether’s price fell from around $235 to $196 once the hack came to light. Since the lowest it has recovered slightly to $213.
Parity, a software developer which produces a web browser allowing users to interact with the Ethereum blockchain network and buy and sell cryptocurrencies including ether, later released a critical security alert.
A digital wallet for users to keep their funds is produced by Parity. multisignature technology, that requires another user to sign a transaction before it is added to the blockchain, adds to the security and can be used by these wallets.
However, hackers exploited a vulnerability in the multisignature wallet's code.
Telling users with Parity's multisignature wallets to move their funds to somewhere secure, a security alert was issued by Gavin Wood, founder and CTO of Parity.
"There is an effort by the foundation underway to secure funds in other wallets to prevent any further compromises," Wood said on Gitter, an instant messaging chatroom, on Wednesday.
Parity reported it had released an update to fix the coding issue and future wallets are secure around midnight on Wednesday.
"White hat" hackers in the Ethereum community were able to save more than 377,000 ether tokens by taking them from affected wallets, when the vulnerability issue came to light.
"If you hold a multisig contract that was drained, please be patient. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there," the group published on Reddit.
On Monday, another $7 million worth of ether tokens were stolen.
The hack has serious ramifications and caused the ether price to dip, says Tyler Moffitt, senior threat research analyst at cybersecurity firm Webroot.
"The key takeaway from this hack is that we're still exploring the Ethereum space and wallet security is more important than ever. As a threat researcher, I personally recommend hardware or native wallets (desktop wallets); they are the most secure, as you are in control of any transaction," he said.
"Do not store lots of currency in exchanges that control your private address. Only use them to make trades then back out to safe addresses."
(Source:www.cnbc.com)