$32 Million Worth of Ethereum Stolen
Parity’s Multi-Sig Wallet Vulnerable
Parity issued a critical security alert concerning their popular multi-signature wallet. This follows a breach in which $32 million of Ethereum was taken from customers using the aforementioned wallet. The breach only appears affects multi-sig wallets of version 1.5, other wallets appear to be unaffected.
This comes in the wake of similar hacks in which vast sums of the popular cryptocurrency was stolen from legitimate traders of the currency. In one instance, referred to in the press as the DAO hack, $50 million worth of tokens were stolen. Following that, CoinDash had to cancel its much hyped ICO release following a $10 million hack.
The hacker in this instance seemed to target Ethereum primarily, however, relatively small amounts of FUCKcoin were also taken.
Developers Scramble to Secure Ethereum Investment
News of the theft spread quickly, which resulted in developers scrambling to see if they had become victims. The hack claimed some well-known scalps in Swarm City, confirming they had lost 44,000 ETH, as well as Edgeless Casino and Aeternity joining the list of victims.
The White Hat Group moved quickly to mitigate the damage by moving tokens from users with the vulnerable multi-sig wallet to a secure wallet. This was done in order to prevent further losses while the group looked to create secure replacement wallets. The group released a statement on Reddit asking users to be patient and ensuring their ETH was in safe hands. Parity also confirmed the group’s involvement in assisting in the matter.
Competitors and experts were quick to criticise Ethereum and its coding language Solidity for the vulnerability. Charlie Lee, a LiteCoin developer, even went so far as to call Ethereum a “hackers paradise”. Given Parity’s claim on their website as to the robustness of their code and their quality control several Twitter users posted with tongue firmly in cheek Parity’s claim.
Individuals are urged to be aware of phishing attacks as other hackers may attempt to steal user credentials and potentially cryptocurrencies they may have.