Hackers stole $7 million worth of cryptocurrency on Monday from the trading platform CoinDash. The hack occurred during its Initial Coin Offering (ICO).
Hackers tricked digital investors into sending their funds to a false address. According to the Israeli startup, more than 2,000 users accidentally sent their money to the hacker or hackers, with a total value of 37,000 Ethereum, which is roughly equal to $7 million. The attack took place 13 minutes after CoinDash publicly launched its ICO token sale on July 17.
Despite the damaging cyberattack, CoinDash has assured customers their tokens will be considered valid regardless of what address they were sent, for everyone who participated in the ICO before it was shut down. CoinDash has reacted by launching a forensic investigation and have contacted law enforcement.
“We are currently gathering information regarding each for the attack victims and will release the complete list for our contributors and community review shortly,” CoinDash said in a statement, attributed to co-founders Alon Muroch, Adam Efrima, and the CoinDash team.
This event is not likely to help the company’s image or mission, however, CoinDash will continue and persevere regardless. “The only way now is to move forward. The company’s vision is intact and the products we are developing are still in high demand (even more so now). Such malicious attacks will not divert us from developing a product that will make crypto investments more accessible to the public,” stated the CoinDash website.
Despite this event, it has been a remarkable year for ICO’s. One ICO this year raised a whopping $147 million, making it the second largest fundraising campaign in blockchain history. Moreover, this cryptocurrency startup managed to raise $35 Million in 30 Seconds. Even with the risk of hackers hindering the security of cryptocurrency ICOs, there is clearly a huge demand for this product and a lot of money surrounding it.
“This was a damaging event to both our contributors and our company but it is surely not the end of our project,” the company said in its statement. They also went on to say, “It is clear to us that the road ahead will be challenging and your continued faith in our project is without a doubt the main reason for us to continue and create the future of trading.”
Matej Boda, Founder of Blockchain-based content distribution platform DECENT, remarked, “Apart from following the basic security rules, we believe that such sensitive information like an ICO address shall be verifiable. The investor must be sure that the information received is genuine – and what is better for sharing auditable information than blockchain? Sharing ICO addresses on blockchains, especially account-based blockchains with easy-to-remember names, like DECENT, can minimize such incidents, as an investor will immediately see who posted the information and whether it is a trusted party or not.”
Hopefully this attack will bring light to the vulnerabilities regarding ICOs, ensuring it’s developers take greater safety precautions for cryptocurrencies and their investors. This attack has certainly been destructive for the company, however, there are previous cases of much larger hackers such as this cryptocurrency startup which lost $50 million to hackers.
This article was updated on July 24, 2017 to include further background from industry leader, Matej Boda.