Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
One of the major benefits of decentralized exchanges is that they canāt be hacked ā or so the theory went. As Etherdeltaās users found out last week, however, thatās not quite true. After accessing the siteās DNS records and replacing the domain with a sophisticated fake, attackers were able to hoover up hundreds of thousands of dollars in ethereum and tokens. One week on and thefts are still being reported, as the hacker continues to prey on unsuspecting victims.
Also read:Ā Chinese Programmer Arrested Over Ā„20 Million Bitcoin Theft
Hackless Exchange Gets Hacked
As Etherdelta confessed six days ago: āAt least 308 ETHā (worth around $270,000) plus āa large number of tokens potentially worth hundreds of thousands of dollarsā was taken. The attacker went to great lengths to pull off the scam, creating a fake Etherdelta site that looked uncannily like the real thing complete with a false order book. It was believed at the time that users who had accessed the site via browser plugin Metamask or Myetherwallet were unaffected. Reports are now surfacing, though, that suggest the attack may have inflicted wider damage than at first thought.
Tommy World Power is a well known cryptocurrency trader and vlogger who was among those affected by the Etherdelta hack. He initially thought heād been spared from the attack, only to tweet, six days later:
He continued: āIt was on my to-do list to withdraw the funds off it, was trying to do it now (and I only keep short-term funds there). This means they had access to my account since the hack, but only did it a few hours ago.ā
Like everyone else caught up in the hack, Tommy had all of his funds drained. Etherdelta has been bombarded with tweets from users who didnāt lose anything at the time of the hack, but whose wallets have since been emptied.
The attacker has been linked with this ethereum address, which currently contains around $4.3 million of ETH. The address has been labeled āFake_Phishing306ā and is accompanied by a warning on Etherscan that the account has been associated with phishing scams.
It seems the Etherdelta hacker has had success with targeting users of numerous platforms via a range of attack vectors. Some users have even claimed that less scrupulous exchanges work hand-in-hand with hackers, plying them with account details that can then be cracked. There is no suggestion that this is the case with Etherdelta, it should be noted, and it is an allegation that is extremely hard to prove. Nevertheless, incidents such as this prove the dangers of trusting any exchange, decentralized or otherwise.
The account where millions of stolen ether is currently stored.
After learning of his losses, Tommy World Power embarked on a mission to have the attackerās accounts at Binance and Coinexchange.io frozen, where they were believed to be offloading their hot ether. Trading volume on Etherdelta has been low since the exchange came back online. Users are torn between wanting to get their hands on desirable tokens, such as Dragonchain, and wanting to avoid the site for security reasons. While work continues elsewhere on projects such as atomic swaps, investors are left with little option but to rely on exchanges, despite their inherent risks.
Do you think decentralized exchanges are safer than their centralized counterparts?Ā Let us know in the comments section below.
Images courtesy of Shutterstock, and Etherscan.
Bitcoin Games is a provably fair gaming site with 99% or better expected returns. Try it out here.
The post One Week On from the Etherdelta Hack, Funds Are Still Being Stolen appeared first on Bitcoin News.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.