Coindesk Logo

CoinDash ICO Hacker Nets Additional Ether as Theft Tops $10 Million

CoinDash ICO Hacker Nets Additional Ether as Theft Tops $10 Million

CoinDash ICO Hacker Nets Additional Ether as Theft Tops $10 Million

Money continues to trickle into an ethereum address compromised during an initial coin offering by a startup called CoinDash.

Money continues to trickle into an ethereum address compromised during an initial coin offering by a startup called CoinDash.

Money continues to trickle into an ethereum address compromised during an initial coin offering by a startup called CoinDash.

AccessTimeIconJul 19, 2017, 9:30 AM
Updated Aug 18, 2021, 6:30 PM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

A few prospective investors were still sending ether to an ethereum address compromised in an initial coin offering (ICO) held by a startup called CoinDash yesterday, inadvertently bringing the total lost in the theft up to around $10m.

As reported on July 17, $7m was initially stolen by a hacker who altered the contract address of the ICO project. CoinDash said in an updated statement today that 2,000 investors have now sent a total of 37,000 ethers to the fake address after the open sale started.

While only a small number of transactions have been seen since the hack was revealed, one investor sent 50 ethers to the fake address, according to Etherscan.io.

At publication, around 43,500 ether had been sent to the address in total, bringing the value of the theft to just under $10.3m, amid the cryptocurrency market rebound over the last day.

While CoinDash has yet to disclose how the breach occurred, others are beginning to speculate on what caused the issue.

Wu Guanggeng, the COO of China's mining pool Bixin, for example, posited on Weibo that the breach may have actually been made via the domain name server provider. When reached out to by CoinDesk, Wu indicated his source for the information was a WeChat official account that publishes cryptocurrency news for subscribers.

One post from the social messaging account claimed that CoinDash support staff said the hacker first cloned an almost identical website to CoinDash.io, while using a fake contact address.

The imposter then contacted the CoinDash's DNS provider using the registered email to request a redirection of traffic to the false site. Wu suspected the CoinDash email account was also compromised.

While CoinDash has previously stated that investors who have been affected by the hack will receive ICO tokens as compensation, those who made transactions after the website was shut down will not be compensated.

CoinDash did not confirm the cut-off time for the website closure. However, the company tweeted on 10:39 a.m. EST, July 17, that the token sale was over and asked investors not to send "any ETH to any address."

This was followed by another Tweet on 12:47 p.m. that linked to its statement, and another soon after pointing to a form for those who had been affected.

So far the fake contract address has not made any outgoing transactions.

Sink drain image via Shutterstock; fake account details image via Etherscan.io

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.