30 Million US Dollar’s worth of Ethereum, a popular crypto or digital currency that is bought and sold on exchanges similar to that of normal currency, has been stolen using a vulnerability in a wallet client.

The wallet client company, Parity, detected the MultiSig vulnerability shortly after the attack occurred at 19:00 UTC, 19th July. Parity, founded by Ethereum creator Gavin Wood, released a warning stating that the flaw resided in Multi-Sig Wallets. Multiple Signature, or “Multi-Sig”, wallets have several members with their own keys. Members can only move currency out of the wallet if the majority of al members agree and sign with their own keys.

Cyber Security London

As of today, the hacker’s Ethereum wallet stands at almost $19 million dollars.

Vigilante Hackers – Cyber Security London

To prevent further currency being stolen, a group named “The White Hat Group” used the same exploit to drain funds from all remaining Multi-Sig accounts. The group is reportedly comprised of security researchers associated with Ethereum. Their wallet currently sits at almost $86 million, and the group will be releasing funds back to their owners in due course.Cyber Security London

Parity are said to be working on a fix for all Multi-Sig Clients.

However, users still holding funds in Multiple Signature Wallets, created with a Parity 1.5+ client that have not been drained by either the unknown hacker or “The White Hat Group”, should transfer funds to a more secure, single-user wallet.

Impact on Markets – Cyber Security London

The hack lead to a 14% drop in the trading price of Ethereum. The cryptocurrency was $230 before the hack, dropped to $200 just after, and has a current price of $222.56.

The attack followed a similar attack earlier in the same week.  In the earlier attack, the cyber criminal took over the popular cryptocurrency platform, CoinDask, replacing an Ethereum address during the firm’s Initial Coin Offering. The attacker managed to steal over $7 million in Ethereum tokens.

What the Future Holds for Cryptocurrencies – Cyber Security London

The attacks are not the first and, undoubtedly, will not be the last in a string of cryptocurrency attacks, raising concerns over the viability of cryptocurrency. Despite the cryptography underpinning the currencies remaining strong, vulnerabilities in wallet clients call the currencies into question.

If you have concerns over the vulnerability of your systems to Cyber Attacks, please get in touch on 07842 908769 or via our Contact Form, and one of our Cyber Security London advisors will be on hand to help.

LEAVE A REPLY