HACKERS HAVE TARGETED ANOTHER ICO WEBSITE , “ETHERPARTY”

Etherparty is a digitalized, user-friendly contract creation tool that enables users to create smart contracts on the blockchain (a network that manages cryptocurrency).  However, only recently, another website which hosts an Initial Coin Offering has been hacked, following the steps of the many ICO websites that fell victim to hacking schemes earlier this year.

One of the primary procedures of sites like Etherparty, is to conduct an ICO.  An ICO (Initial Coin Offering) is similar to a classic IPO (Initial Public Offering), wherein investors may contribute stocks to be a part of a company.  But instead of stocks in a company, in ICO, buyers get tokens in an online platform.  Users can keep tokens until the issuing company decides to buy them back, or they can sell the tokens to other users as Ether or other forms of cryptocurrency.

To put it another way, these tokens are the incentive ensuring that developers write quality applications, because wasteful code costs more, and that the network remains healthy considering that people are compensated for their contributed resources, fairly similar with stocks.

On 01 October 2017, the Etherparty administrators have announced that their website have been hijacked and that users should immediately stop any ongoing transactions to and from the website.  The hacking scheme is seamlessly similar to the hacking of the Veritaseum website last July 2017, also an ICO site.

The hackers began the attack by breaching the website and modifying the web page where the official cryptocurrency address of Etherparty was provided.  Consequently, the attackers have simply edited the page and modified the official address to a cryptocurrency address of their own.  Henceforth, for a matter of fifteen (15) minutes, coin contributors have unknowingly transferred funds to the attackers’ coin address, instead of the etherparty’s.

The Etherparty administrators did not officially announce the gravity of damage incurred from the hacking attack.  Due the quick response of Etherparty’s security team, the website became fully operational at about roughly 95 minutes after the attack.  The administrators even announce that they are willing and ready to compensate the investors who might have been affected by the cyber-attack.

According to the founder of Etherparty:

“Our team has been consistently and successfully thwarting potential security issues to avoid further escalation. However, we do acknowledge and apologize for the temporary disruption to our otherwise successful launch day. Etherparty is eager and committed to compensating all affected contributors for the inconvenience.”

As the cryptocurrency sector booms, attackers are setting their sights on people’s digital currency wallets.  After the consequent major attacks in the sector, site developers should significantly increase their security.  On the other hand, investors should consider completely whether to invest in the accustomed way of stocks, or try challenging the innovative world of cryptocurrency.

In the meantime, while the security of digital currency is still reaching its uttermost, users should reduce utilizing the same, or if usage is truly necessary, users, administrators, and contributors should continuously practice caution in carrying out transactions in the cyber world.

 

Manny Cuevas

My name is Manny Cuevas a Security Researcher / Engineer for about 15 years that focuses on Web and Mobile applications and other platforms from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top ranked hacker in the world that bypass all security systems.

 

Leave a Reply

Your email address will not be published. Required fields are marked *