Technology

Hackers steal $32 million in Ether cryptocurrency hack

Wednesday's incident quickly follows the theft of around $7.4 million dollars worth of ether reported earlier this week.

By Patrick Howell O'Neill

July 19, 2017

(Pixabay)

Hackers have stolen $32 million worth of Ether, a popular and increasingly valuable cryptocurrency, by exploiting a critical security vulnerability in wallet software that allowed an attacker to steal over 153,000 Ether.

The theft is visible on Ether’s blockchain here, according to Gavin Wood, a co-founder of Ethereum, the software behind the currency.

The attack began late on Tuesday and continued on Wednesday in a total of three transactions.

When the attack was finally noticed, a group of white hat hackers used the same exploit to drain money from other vulnerable wallets in order to protect them from the theft. The money saved totaled 377,000 ETH worth over $75 million.

“The white hat group were made aware of a vulnerability in a specific version of a commonly used multisig contract,” the group wrote. “This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible.”

The ethical hackers promised to return the funds to their rightful owners once the security threat passed.

The cryptocurrency appears to have been stolen from the online gambling website Edgeless Casino, the smart-contract platform Aeternity and the commerce platform Swarm City, according to a blog post from Swarm City.

Today’s incident quickly follows the theft of around $7.4 million dollars worth of Ether reported earlier this week.

Unspecified efforts are underway by Ethereum developers to secure the funds, Wood wrote in a chatroom on Wednesday following the theft’s disclosure. The vulnerability is found in Parity Wallet, software described as “the fastest and most secure way of interacting with the Ethereum network.”

The problem specifically impacts multi-signature wallets created in Parity meant to require electronic signatures from multiple parties in order to move money. Normal wallets are not at risk, according to developers.

An updated version of the software fixing the vulnerabilities will be released as soon as possible, according to Wood.

This story is developing.

Hackers steal $32 million in Ether cryptocurrency hack

More Like This

House hurtles toward showdown over expiring surveillance tools

Civil society groups press platforms to step up election integrity work

ALPHV steps up laundering of Change Healthcare ransom payments

Top Stories

Treasury official: Small financial institutions have ‘growth to do’ in using AI against threats

‘Large volume’ of data stolen from UN agency after ransomware attack

FBI director warns of China’s preparations for disruptive infrastructure attacks

More Scoops

Solana hack wipes more than 7,000 wallets, totaling nearly $5 million in losses

Hackers steal more than $600M from Ronin blockchain used to play Axie Infinity

Hackers stole more than $320 million in cryptocurrency from DeFi platform Wormhole

Suspect in scheme to breach major Twitter accounts is now charged with hacking crypto executives

Poly Network fully recovers assets stolen in unusual $600M cryptocurrency hack

Poly Network offers bug bounty to hacker who stole $600 million worth of cryptocurrency

Hackers returned some of the $600 million they stole from Poly Network, a cryptocurrency firm

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics