HackDig : Dig high-quality web security articles for hacker

A new Ethereum ICO was hacked, the victim is Etherparty

2017-10-04 22:40

The Etherparty website is the last victim in order of time of a cyber attack involving an Ethereum ICO (Initial Coin Offering).

Another hack involving an Ethereum ICO (Initial Coin Offering) made the headlines, the victim is the Etherparty website that sells tokens for a blockchain-based smart contract tool. The attackers replaced the legitimate address for sending funds to buy tokens with a fraudulent one they controlled.

Etherparty is a platform for the creation of smart contract that leverages on the blockchain.

Etherparty launched its Fuel token sale on October 1 at 9 A.M. PDT, but just 45 minutes, attackers hacked into the ICO website and replaced the wallet address, hijacking cryptocurrencies sent by investors.

According to Etherparty, its staff detected the hack after 15 minutes and in response immediately took the ICO website down for nearly one and half hour preventing more investors from sending funds to the attackers’ wallet.

The website, hosted on a new server, went online at 11:35 A.M. PDT.

The website displays the following message to investors:

Always check the URL and verify the contract address before sending ETH to any ICO.”

At the time it is unclear the exact amount of cryptocurrencies stolen by hackers, the company ensured that it will compensate “any affected contributors, with its proprietary FUEL token, prior to the temporary website shutdown at 10 A.M. PDT.”

The blockchain company has also “promised to compensate any affected contributors, with its proprietary FUEL token, prior to the temporary website shutdown at 10 A.M. PDT.” 

“One hour after the ICO officially went live, the company identified a security issue, caused by a fraudulent contribution address, and temporarily shut down the website to protect all participants.” reads the press release published by the company on Medium.

Etherparty’s site was later restored after the issue was resolved at 11:35 A.M. PDT, after going offline for 90 minutes. The blockchain company has promised to compensate any affected contributors, with its proprietary FUEL token, prior to the temporary website shutdown at 10 A.M. PDT.

etherparty

The Etherparty ICO is still ongoing and it will be open until October 29, 2017. According to the company, the ICO had a great start “selling over 10,000,000 FUEL tokens in the first hour.” The company sold more than 400,000,000 FUEL tokens before the official launch in the pre-sale.

“Our team has been consistently and successfully thwarting potential security issues to avoid further escalation,” Etherparty Founder Lisa Cheng said.”However, we do acknowledge and apologise for the temporary disruption to our otherwise successful launch day. Etherparty is eager and committed to compensating all affected contributors for the inconvenience.”

This is the last hack in order of time, below the list of previous attacks in an ICO:

In response to the string of incidents the US Securities and Exchange Commission (SEC) issued an official warning about the risks of ICOs, meanwhile, China has already announced a ban on all ICO across the country.

Pierluigi Paganini

(Security Affairs – Etherparty ICO, hacking)

The post A new Ethereum ICO was hacked, the victim is Etherparty appeared first on Security Affairs.


Source: lmth.dekcah-ytraprehte/gnikcah/19736/sserpdrow/oc.sriaffaytiruces

“A new Ethereum ICO was hacked, the victim is Etherparty”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud