All it took was just 3 minutes and ‘a simple trick‘ for a hacker to steal more than $7 Million worth of Ethereum in a recent blow to the crypto currency market.
The heist happened after an Israeli blockchain technology startup project for the trading of Ether, called CoinDash, launched an Initial Coin Offering (ICO), allowing investors to pay with Ethereum and send funds to token sale’s smart contact address..
But within three minutes of the ICO launch, an unknown hacker stole more than $7 Million worth of Ether tokens by tricking CoinDash’s investors into sending 43438.455 Ether to the wrong address owned by the attacker.
How the Hacker did this? CoinDash’s ICO posted an Ethereum address on its website for investors to pay with Ethereum and send funds.
However, within a few minutes of the launch, CoinDash warned that its website had been hacked and the sending address was replaced by a fraudulent address, asking people not to send Ethereum to the posted address.
But it was too late, as the little change of address had already redirected cryptocurrencies sent by investors into the wallet of the hacker.
“It is unfortunate for us to announce that we have suffered a hacking attack during our Token Sale event,” reads a statement posted on the company’s official website.
“During the attack, $7 Million was stolen by a currently unknown perpetrator. The CoinDash Token Sale secured $6.4 Million from our early contributors and whitelist participants, and we are grateful for your support and contribution.”
CoinDash doesn’t know who is responsible for the attack, and the worst part is that the company is still under attack.
Investors are strongly advised to DO NOT send any Ether (ETH) to any address on the site, as CoinDash has terminated the Token Sale.
Source: The Hacker News