A hacker has allegedly just stolen around $7.4 million dollars worth of ether, the cryptocurrency that underpins the app platform ethereum, by tricking victims into sending money to the wrong address during an Initial Coin Offering, or ICO. This is according to a company called Coindash that says its investors were sending their funds to a hacker.
On Monday, Coindash, which offers a trading platform for ether, was slated to launch its Initial Coin Offering. These are essentially crowdfunding drives that allow investors to own a stake in the app by buying digital assets called tokens. Initial Coin Offerings are an incredibly popular method of funding an app on ethereum, and some ICOs have raked in millions of dollars within minutes of going live. Even the silliest apps have been able to raise thousands of dollars in token investments during recent ICOs.
Coindash's ICO, like many others, launched simply by posting a string of text representing an ethereum address for investors to send money to on the app's website. However, mere minutes into what was supposed to be another successful ICO, Coindash warned that its website had been hacked and asked people not to send ethereum to the posted address.
It's still unclear exactly what happened, but it seems like the hack was incredibly simple: The hacker allegedly took control of the Coindash official website and changed the text on the site, publishing their own ether wallet address instead of Coindash's. When people went to "invest" in Coindash, they actually sent their ether to the hacker, not the company.
Even though Coindash noticed the hack and warned investors quickly—just three minutes after the ICO launch—the damage was done.
Source: MotherBoard
(Score: 2) by coolgopher on Wednesday July 19 2017, @05:32AM (1 child)
Is there any way to undo such a thing when you're using a block-chain? My (limited) understanding is that there wouldn't be, but I'm happy to be corrected.
(Score: 3, Informative) by tonyPick on Wednesday July 19 2017, @10:11AM
Theoretically Yes - but only if enough people agree. And Ethereum have rolled back before, when events[1] have happened that the majority didn't approve of, resulting in a fork of the blockchain:
http://www.coindesk.com/ethereum-classic-explained-blockchain/ [coindesk.com]
https://qz.com/730004/everything-you-need-to-know-about-the-ethereum-hard-fork/ [qz.com]
So for this, practically, probably not.
[1] I'm deliberately avoiding putting the word "hack" in there, since that's arguable....