Hardforce, softforce, ICO… this year entangled in a new unfamiliar terms, users of the cryptocurrency is once again ready target for hackers and cyber criminals. Not all attacks and fraud were the same. Some were created from scratch, but entailed a huge loss.
Whether it’s an ordinary break-in wallet, fraudulent or ICO error code snippet – often investors have lost many millions of dollars. In the result the following incidents were stolen crypto-currencies for a total amount of 490 million dollars.
The perpetrators of these crimes still have not found, and do the stolen funds, most likely not to return. Of course, here we give a far from complete list of hacks cryptocurrency projects and various scams cryptocurrency tokens, and only the most sensational cases.
Attack on ICO CoinDash
Startup CoinDash was launched this summer through the ICO, but very soon he had to suspend its activities because of the site hacking and spoofing wallet Ethereum.
As a result of successful attacks at the hacker changed the e-wallet, and attracted by the startup 7.3 million dollars left in an unknown direction. The company closed the ICO, promising to send reward tokens CDT all participants.
And although the company warned that contributions submitted after the above-mentioned statement are not paid out, some investors continued to send funds to the address of the hacker, thus inadvertently increasing the amount of the stolen funds from 7 million to 10 million dollars.
This incident demonstrated that despite the ability to raise vast sums, ICO are still a very young technology that faces many challenges.
The first break-in of purse Parity
For the operator of the cryptocurrency purse Parity in 2017 was difficult, because he was attacked by intruders twice.
The first problems began in July, after the developers of the wallet has discovered a vulnerability in version 1.5, which from the accounts of users had been reduced to 153 000.
An error was discovered in wallets with multipolicy and threatened several of the companies involved in the ICO. At that time the value of the stolen ethers was about 32 million dollars, and by the end of December this figure had increased to $105 million.
The problem was called «critical.» Technical Director, Parity Gavin wood (Gavin Wood) has named at least three of the compromised address and said that the company will make every effort to prevent further losses.
Later it was discovered that more than 70,000 esters already cashed out or withdrawn in another way — in other words, lost forever.
Scam the Enigma project
In August blockchain startup Enigma has discovered that his website, a mailing list and account administrator at Slack compromised, and scammers have launched a fake pre-sale of tokens that you’ve gotten so investors have more than 1500 esters.
Captured using accounts, the swindlers promised large investment returns and was posing as operators of the project. Before Enigma crew managed to regain control of the account, purse with esters was devastated, the stolen funds to restore failed.
Freezing the air in my purse Parity
Perhaps the most serious breakdown of the system of protection this year was the incident that occurred with the same purse Parity.
In November one of the users accidentally discovered a Parity error in the code, which after unintentional action was frozen esters in excess of $ 275 million. Most of them belong to a few major ICO, including collected on ICO Polkadot ethers of $144 million (at the time of the incident).
It was the second major incident with a purse Parity in 2017. In future updates the developers have tried to recover the lost money, but came to the conclusion that this requires hardwork throughout the network Ethereum. Team Vitalik Buterin refused to separate hardwork, however, fix problems with the address Parity may enter one of the following planned hardforce.
In another incident also occurred in November, was stolen tokens Tether (USDT) in the amount of about 31 million dollars. Tokens were stolen from virtual storage developers Tether and sent to an unknown address. Other users USDT this hack is not affected.
Later, the company has imposed restrictions on the movement of stolen tokens via the update Protocol of the blockchain Omni, which is based on project Tether, so the hacker will not be able to enjoy the fruits of his attack.
Scam Bitcoin wallet Gold
Another case of fraud related to quite common in this year’s fork of the Bitcoin network, or rather one of them, launched in late October, Bitcoin Gold (BTG).
Shortly after the launch of the Gold fork Bitcoin wallets of some users who got coins through online wallet, was empty. This happened due to the fraudulent use of the service, approved by the development team of the project. Link to this wallet was on the official website of BTG.
Fraudulent operators service managed to fraudulently steal more than $ 33 million in BTC, BTG, ETH and LTC.
The team Bitcoin Gold stated that is not associated with scammers. The operator first said that the site was hacked, but later erased its data from GitHub and stopped responding to users on the fork channel Slack.
Overall, this case very clearly demonstrates that «free cheese is only in a mousetrap».
Hacking market capacity mining NiceHash
The victims of most of the cases described have become quite the young startups, but this does not mean that the hackers have decided to ignore long-standing projects.
Widely known, the market capacity of mining NiceHash announced in early December, about hacking, later confirming that the attack was stolen about 4 700 BTC. At that time their cost would leave approximately $ 78 million.
Later it turned out that a hacker hacked into the computer of one of employees of the company, thus getting access to internal systems, marketplaces, and then transferred the bitcoins from the wallet of the company.
Head NiceHash Marco Cobalt (Marko Kobal) said that his team tries to establish the reasons for the attack, but it takes time. After a few days the service has been restarted and promises to return the stolen.