ETH multisig hack - #CryptoTrading

Some ETH multisig wallets created with parity are being drained right now.
News
     · [reports]  · Author: KarlVonBahnhof

Updates

The bug in Parity 1.5+ has been fixed - see it on github.

Some of the funds were secured by ways of the same hack by a group of white hackers.

Swarm: A swift response from a whitehat hacker group used the same exploit to drain many other project’s parity multisig wallets, in order to protect them from theft. This group was able to save over 377,000 ETH. Unfortunately the 44,055 ETH that was in Swarm City’s wallet is gone.

Black hat hacker wallet address with stolen ether: https://etherscan.io/address/0xb3764761e297d6f121e79c32a65829cd1ddb4d32

White hat wallet address with preserved ether: https://etherscan.io/address/0x1dba1131000664b884a1ba238464159892252d3a

Original article

There is a reason for the selloff, if you are looking for one: Parity 1.5+ security alert.

Some multisig wallets with contracts for ICOs created with certain versions of Parity are vulnerable and getting drained.

So far all ICO money for Edgeless Casino, aeternity and swarm.city is gone. It is 153k ETH which was worth about $32M when the heist started. At the moment it is around $30M. This is where the coins were sent to.

The bug has not been fixed yet so the draining might be going to continue for a while longer, unless money is moved out of vulnerable wallets in time.

The vulnerability is a serious one, allegedly one only needs the public key and certain kind of metadata and that is enough to regenerate the wallet.



Posted in Reports
Tagged as  

 

Last added to Crypto Airdrops, Bounties & Opportunities
Airdropped Token or Opportunity Airdrop Date About the airdrop Link
Opportunity: DeFi Tokens on reputable exchange with lower fees 14 days after listing The Aussie exchange Independent reserve is listing new DeFi tokens these days. For each of the new markets has the fee reduced to 0.1% for the first 2 weeks. Currently those markets are yearn.finance, Aave and Kyber Network Crystal. sign up
LATOKEN Earn Nov 2020 10+ new Telegram airdrops available on LATOKEN exchange under "Earn" in the top navigation bar. (SAND, UNO, BXT, PZS, L2L, BIOG, DGB, OAP...) If you sign up with the link here you get 50 USD fee credit. sign up
Opportunity: Trade DeFi Tokens with NO FEES 14 days after signup The token exchange WhiteBit gives you 14 days of zero-fee trading if you sign up with a shill link. No KYC until 2 BTC/day withdrawal limit, lots of new DeFi projects get listed there. sign up
Staking without KYC on WhiteBit New! WhiteBit opened 17 different staking plans with 9 different currencies to choose from. 40% APR, available to the users without KYC. (Be mindful of risks) sign up
YoBit Get Free 1700 Dollars After signup YoBit is having a token giveaway. Sign up at YoBit and click the link "Get free 1700 dollars" in the top bar. This will take you to a Telegram bot where you can sign up to participate in the giveaway. sign up