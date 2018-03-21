from the A-fool-and-his-money... dept.
A Hacker Just Stole $5.7 Million From Social Token Startup Roll:
Over the weekend, hackers stole millions of dollars in crypto from Roll, a social currency startup that allows so-called "creatives" to launch and manage their own Ethereum blockchain-based money systems.
According to the company, someone managed to get inside its "hot wallet" early Sunday morning, making off with the equivalent of $5.7 million in currencies. (A "hot wallet" is basically an online crypto-bank account.) The hacker then sold the tokens on Uniswap, a crypto exchange platform. Roll said the hack seems to have occurred via a compromise of one of the wallet's "private keys," which is the equivalent of someone learning your master password.
"As of this writing, [the cause appears to be] a compromise of the private keys of our hot wallet and not a bug in the Roll smart contracts or any token contracts," the company said in a statement Sunday. "We are investigating this with our infrastructure provider and law enforcement." The company further promised to do a third-party security audit and a forensic analysis to "figure out how the key was compromised," as it's currently unclear how the hacker got their hands on it.
(Score: 2) by istartedi on Thursday March 18, @08:16AM
Before there was crypto there was gold and silver. Those who preferred them claimed that unlike fiat they are "real money". They are, but the problem with that is that when real money is stolen, it's also *real gone*. The current fiat system evolved from that system and has such efficient built-in insurance policies that we often don't think about it. The much maligned inflation is a feature not a bug, as long as it doesn't get out of control.
These cryptos are a simulation of gold and silver to some degree, and they exhibit in the virtual world all the same flaws as what they model. When your crypto is stolen, it can be really gone. One of the phrases you hear these days is, "not your keys, not your crypto" and it directly relates to what the gold and silver people say about not really having gold and silver unless you have physical--but if you have physical gold, you must protect it. If you control your crypto keys you must secure them. Just as with gold and silver, you can turn that chore over to somebody else--but then the trustworthiness of that other person becomes a very important thing. If you "just trust" the wrong people to guard your gold, silver or crypto keys then things can go horribly wrong.
It would appear that these were the wrong people to trust with crypto.