Malicious attackers manage to hijack yet another Ethereum ICO. Damages are still unknown.
Malicious attackers recently managed to infiltrate and disrupt the Etherparty Initial Coin Offering (ICO). The hackers hijacked Etherparty’s website this last Sunday and displayed their own Ethereum address, which misled many ICO participants to send money to the wrong ICO wallets.
Etherparty managed to detect this attack within 15 minutes of it being launched and immediately shut down their website to prevent any other users from being tricked. After Etherparty conducted an investigation surrounding the attack, they started up their website again and allowed ICO activity to continue without any further disruption. The investigation took 95 minutes.
Etherparty has not yet directly commented on the attack, nor has it released any estimation as to how many funds were lost due to the attack. They did, however, release a statement just yesterday where they emphasized their commitment to compensate all affected participants.
Since then, Etherparty has also published a timeline of the attack:
- 9:00 A.M. PDT: FUEL token ICO is live.
- 9:45 A.M. PDT: Security breach: fraudulent contribution address is injected into the ICO Page, and in response, we began the process to shut down the official Etherparty site to protect people.
- 10:00 A.M. PDT: Website was taken offline
- 11:35 A.M. PDT: Website rebuilt and moved to a new web server.
- 12:51 P.M. PDT: Press release distributed, official statements posted to Twitter and Medium.
Etherparty was recently released with the main goal of being as user-friendly as possible. The platform enables users to create cryptocurrency smart contracts using an automated tool. However, this feature is still being developed. The Etherparty ICO was a means to generate capital to fund this project.
Users who managed to participate successfully in this ICO received FUEL tokens. Users were then able to buy or sell their FUEL tokens until the company was established and would give users the opportunity to re-buy tokens.
The concept of ICO, while revolutionary, has received a fair share of criticism and distrust. These criticisms and fears are justified, as the lack of regulations makes ICOs highly susceptible to hackers and other scammers. During the CoinDash ICO, hackers stole over $7 million worth from Ethereum by hijacking the website and replacing the ICO wallet with their own. Other ICO platforms have also fallen victim to hacks, including the Veritaseum platform which suffered a loss of $8.4 million, and the Enigma Project Platform who suffered a loss of $475,000
In July 2017, the Securities and Exchange Commission (SEC) hinted that it might need to establish a policy that regulates ICOs in the near future. The SEC took action just last month when they shut down Protostarr post-ICO and forced the company to refund all its participants. Last week, the SEC also charged a businessman and two companies with defrauding ICO participants in two separate ICOs.
Cryptocurrencies have become extremely popular in China and South Korea. However, due to the instability of crypto ICOs, the two countries have banned cryptocurrencies entirely. Canada is also currently engaged in creating laws and policies to regulate ICOs.
Despite the increasing concerns regarding cybersecurity and regulating policies, ICOs remain very popular. ICOs tend to attract investors hoping that the cryptocurrency they are investing in will enjoy the same success as Bitcoin or Ethereum.