A hacker recently managed to steal $7.4 million in cryptocurrency by hacking into a trading platform's website during an Initial Coin Offering.
Cryptocurrency trading platform CoinDash's website suffered a breach as soon as it opened an Initial Coin Offering, losing $6.4 million in six minutes.
CoinDash offers a platform for investors to trade their funds in Etherium, a popular cryptocurrency similar to Bitcoin. During Initial Coin Offerings (ICO), trading platforms like CoinDash offer stakes in their respective apps by selling digital assets in exchange of ethers.
Cyber-attack on South Korean cryptocurrency exchange compromises 30,000 customer accounts
CoinDash opened an ICO at 9AM EDT on Monday and posted a link on its website where investors could send their ether to own a stake in the app. However, six minutes after the launch, CoinDash realised that their website had been hacked and immediately alerted users not to send ethers to the link posted on the website.
What really happened was that an unnamed hacker took control of CoinDash's website as soon as the ICO opened and replaced the link where investors could send their funds with a new one. This way, he pocketed the entire money that investors sent to Coindash before the trader raised an alarm.
'It is unfortunate for us to announce that we have suffered a hacking attack during our Token Sale event. During the attack $7 million were stolen by a currently unknown perpetrator. The CoinDash Token Sale secured $6.4 million from our early contributors and whitelist participants and we are grateful for your support and contribution,' said CoinDash in a statement.
'This was a damaging event to both our contributors and our company but it is surely not the end of our project. We are looking into the security breach and will update you as soon as possible about the findings,' it added.
£52 million Bitcoin theft cuts cryptocurrency’s value by 20 per cent
The firm also said that it feels responsible for the said breach and will issue tokens to contributors who sent ethers to the fraudulent Etherium address. However, ethers sent to any fraudulent address after the website was shut down will not be compensated.
CoinDash is now asking investors to fill Google Docs forms by mentioning their names, their wallet addresses, the amount of ETH sent and transaction numbers. The firm said this information will help it investigate the status and solve issues from the token sale.
According to Motherboard, a number of affected investors have lashed out at CoinDash for failing to secure its website and are asking to be recompensated. CoinDash has promised that it will compensate all investors but the firm is yet to comment on what steps it is taking to ensure its website won't get hacked in the future.