The hacking into Parity wallet started Tuesday night and continued into Wednesday, July 19. Parity wallet allows users to access to a large number of cryptocurrencies within the ethereum network. The tool had a vulnerability that hackers took advantage of in order to steal 153,000 units of the currency.
Three separate accounts in particular were attacked.
Edgeless Casino, an online gambling site, Aeternity, a smart-contract platform and Swarm City, a commerce platform, which said 44,055 in the currency was drained from their wallet. This constituted the entirety of Swarm City’s funds, according to a blog post.
Eventually, a large share of the currency was able to be saved before the hackers could swindle even more.
A group of engineers called ‘The White Hat Group,’ acted quickly to exploit the same vulnerability that the hackers did and managed to drain funds from other existing accounts which could have been hacked. They were able to save 33,700 ether, which equates to $75 million. No further information has been released relating to the identities of the engineers. A page which purportedly holds the rescued funds was posted in a thread on the ethereum reddit page Wednesday.
“The white hat group were made aware of a vulnerability in a specific version of a commonly used multisig contract,” the group stated. “This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig [wallet] they could find as quickly as possible.”
The engineers say that they will return all of the saved funds to their rightful owners as soon as the security threat passes, Cyber Scoop reported.
Ether has emerged as a major force in the cryptocurrency market and the network may have been targeted by hackers because of the major price increase.
Its value has risen from $8 at the beginning of the year to over $400 in June. The value has since fallen and is now trading at about $210, according to Coin Market Cap.
It is barely regulated, but many see the currency as having huge potential for areas concerning finance and smart contracts.
This hack comes on the heels of another scam involving the bitcoin rival, which is said to have been perpetrated in a much simpler fashion than the most recent theft.
On Monday, hackers gained access to Coin Dash, which operates a trading platform for ether, and switched an address with a different one during ether’s initial coin offering (ICO). People investing in the company then ended up sending their money to the hackers, according to Vice.
Last year, the largest heist in the company’s history took place when hackers stole $50 million worth of the cryptocurrency, Coin Desk reported.