Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Lax security measures have caused the adult entertainment platform SpankChain to lose $38,000 in ETH.
A Pirate Made Off With a Handful of Booty
Stealing tips from strippers is nearly the equivalent of taking candy from a baby â Itâs just plain wrong. Somebody should tell that to the clever hacker who managed to make off with 165.38 ETH ($38,000) after exploiting a bug in one of SpankChainâs smart contracts. SpankChain is the name of the Ethereum-based smart contract, and BOOTY is the ERC-20 token used to tip performers during live webcam shows.
As the hack occurred, an additional $4,000 worth of BOOTY was also frozen because of the security breach.
SpankChain admitted that is suffered an attack by posting, âWe got spanked,â on their website. Though the hack took place around 9:00 pm on Saturday, SpankChain did not notice the theft until the following evening around 10:00 pm as they, âwere in the middle of investigating other smart contract bugs.â
Everyone is Getting Some ETH and BOOTY
SpankChain is still working to figure out exactly what happened, but they did post a fairly detailed explanation of how the attack occurred, along with the attackerâs address, malicious contract, and the internal txs from the attackerâs malicious contract. SpankChain further explained that the hacker âcapitalized on a âreentrancyâ bug, much like the one exploited in the DAO hack.â
The company should be commended for showing more responsibility than multinational corporations that shirk complete responsibility when falling victim to avoidable security breaches. SpankChain has made it their âimmediate priorityâ to fully reimburse every user who may have lost funds and they are planning an ETH airdrop to reallocate all $9,300 worth of ETH and BOOTY that users may have lost.
SpankChain also explained the rationale behind passing on a $30,000-$50,000 security audit as they felt the $17,000 audit conducted by Zeppelin was sufficient. They have admitted, in retrospect, that paying more for security would have been a more pragmatic decision.
The company has promised to improve their security practices going forward and it is their hope that all users and performers will get more BOOTY.
Do you think SpankChain is doing a good job handling the most recent hack? Share your thoughts in the comments below!Â
Images courtesy of Shutterstock.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.