Skip to main content
  1. Home
  2. Computing
  3. News

Hacker steals more than $7 million in digital currency by switching a mere link

By

A render of virtual currency.
Image used with permission by copyright holder
Security firm Tripwire reports that a hacker managed to steal more than $7 million in digital currency by simply replacing a single link. The hack took place on Monday during an event called an Initial Coin Offering (ICO) to reel in investors of a cryptocurrency app called CoinDash. However, early investors quickly discovered that a link for depositing digital currency on the CoinDash website was not legitimate.

According to Tripwire, trading platform CoinDash began its ICO at 1 p.m. (GMT). Three minutes later, investors figured out that the link for sending Ether, a type of digital currency, was taking them to the wrong deposit location. Within those three minutes, the hacker managed to accumulate more than $7 million before CoinDash terminated the ICO and removed the page.

Recommended Videos

“The moment the token sale went public, the CoinDash website was hacked and a malicious address replaced the CoinDash Token Sale address,” CoinDash said. “As a result, more than 2,000 investors sent ETH to the malicious address. The stolen ETH amounted to a total of 37,000 ETH.”

Ether is the digital currency of the world’s second most popular cryptocurrency network, Ethereum. This platform consists of smart contracts, which are essentially bits of code that will execute when certain requirements are fulfilled. These “apps” are listed on the Ethereum network using what is called a blockchain, which serves as a registry that records all transactions. Ether, abbreviated as ETH, is what’s used to pay for things and services listed on the Ethereum network.

So why not just use real world cash? Because digital currency is decentralized. It’s not managed by banks or the government. Plus, both the merchant and buyer can remain completely anonymous, with a transaction digitally signed and verified by an unknown miner on the associated network. Ether is similar to Bitcoin in purpose although technically they are completely different digital currencies.

Individuals who successfully participated in a private “heads up” for whitelist contributors 15 minutes prior to the public ICO received “tokens” as proof of their CoinDash app investment. However, those who invested Ether using the hacked address are reportedly now demanding a refund. After all, the CoinDash website was not locked down tight, enabling a hacker to insert a simple link that collected millions in stolen digital currency.

However, many Ether users reportedly flocked to social networks and questioned the theft. Was this a genuine hack, or a simple scam using a hack as a cover story? As Tripwire states, there is no evidence to suggest foul play.

CoinDash is currently providing an online form for victims to complete as part of the company’s forensic investigation into the hack. Victims are asked to provide their email address, wallet address, a proven transaction number, and the amount of Ether sent.

“This was a damaging event to both our contributors and our company but it is surely not the end of our project,” CoinDash added. “We are looking into the security breach and will update you all as soon as possible about the findings. We are still under attack. Please do not send any ETH to any address, as the Token Sale has been terminated.”

Despite the hack, CoinDash said that it managed to secure $6.4 million from early contributors and whitelist participants in the 15-minute “heads up” prior to the ICO. Those who sent digital currency to the wrong Ether address during the hack will still receive tokens. Otherwise, investors who sent Ether to the wrong address after CoinDash removed the ICO page will not receive investment tokens.

Update: Added new information provided by CoinDash.

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Power up your tech game this summer with Dell’s top deals: Upgrade for a bargain
Dell Techfest and best tech on sale featured.

One of the best times to upgrade your tech stack, be it your desktop, a new laptop, or some high-resolution monitors, is when great deals are to be had. Well, I'm here to share that thanks to Dell's top deals, you can power up your tech game and have most of the summer to make it happen. Maybe you're happy with your current system or setup. That's excellent, but you're likely considering upgrading somewhere, and that's precisely what these deals are all about. Dell has a smorgasbord of deals on laptops, desktops, gaming desktops, monitors, accessories, and so much more. We'll call out a few of our favorite deals below, but for now, know that you should be shopping this sale if you're interested in anything tech-related.

 
What summer tech should you buy in Dell's top deals?

Read more
I love the MacBook Pro, but this Windows laptop came surprisingly close
Apple MacBook Pro 16 downward view showing keyboard and speaker.

There are some great machines in the 15-inch laptop category, which has recently been stretched to include the more common 16-inch laptop. The best among them is the Apple MacBook Pro 16, which offers fast performance for tasks like video editing and the longest battery life.

The Lenovo Yoga Pro 9i 16 is aimed not only at other 16-inch Windows laptops but also at the MacBook Pro 16. It offers many of the same benefits but at a lower price. Can it take a place at the top?
Specs and configurations

Read more
How to set an ‘Out of Office’ message in Microsoft Teams
Person using Windows 11 laptop on their lap by the window.

Many people use Microsoft Teams regularly to communicate with colleagues both inside of the office and remotely. It is considered one of the most efficient ways to ensure you can stay in contact with the people on your team, but what if you need to let people know you’re not readily available? Microsoft Teams has a method for you to set up an "Out of Office" status for your profile to let staff members know when you’ll be gone for the afternoon, for several days on vacation, or for an extended period.
Where do I go to set up my ‘Out of Office’ status for Teams?
It is important to note that your Microsoft Teams and Outlook calendars are synced. This includes your out-of-office status and automatic replies. So, whatever you set up in Microsoft Teams will reflect in Outlook. Similarly, you can set up your out-of-office status in Outlook, and it will be reflected in Teams; however, the former has a more straightforward instruction.

First, you can click on your profile icon in Teams and go directly to Schedule an out of office, as a shortcut. This will take you to the settings area where you can proceed. You can also click the three-dot icon next to your profile icon, then go to Settings > General, then scroll down to the bottom of the page. There, you'll find out-of-office settings and click Schedule.

Read more