Cybercriminals have their eyes set on mining cryptocurrencies and exploiting cryptocurrency exchanges for their malicious purposes. According to reports, another popular cryptocurrency exchange EtherDelta has been hacked in such a way that users are sending their tokens to the hacker considering that the exchange is receiving them.
So far at least 308ETH (equivalent to $266,789) are stolen while tokens worth hundreds of thousands of dollars are currently at risk. EtherDelta, a decentralized exchange listing all Ethereum tokens available nowadays, doesn’t have as large a volume as other bigger exchanges have but it is definitely a popular exchange for new traders. EtherDelta is listed in the world’s top 75 trading platforms with an approximate volume of $11 million per day.
Reportedly, the smart contracts that control EtherDelta are safe because the hackers took over Etherdelta’s DNS server and presented an unauthentic version of the website to the visitors. This hints at the fact that cybercriminals have reached such an advanced level of deception and social engineering skills that they can now create fake domain addresses that are same as the original ones.
Dear users, we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta https://t.co/NnqU5Er4rj DNS server. We are investigating this issue right now – in the meantime please DONOT use the current site.
— EtherDelta (@etherdelta) December 20, 2017
This is quite dangerous, even more concerning that phishing attacks. This is why when a user visited EtherDelta’s website on Wednesday afternoon between 1:40 p.m. ET and 8 p.m. ET he/she was actually seeing an unauthentic but seemingly original version of the site. The received tokens were moved to another address at 1:30 a.m. ET on Thursday.
The attack was mitigated after a few hours and original EtherDelta website was restored but by then anyone who visited the domain might have sent ether or other tokens to the attacker instead of the desired destination. EtherDelta confirmed the attack via Twitter. The company urges that users stop using the site as the site was unsafe to be used. Until now, the company hasn’t posted about lifting this warning.
At the time of publishing this article, EtherDelta’s website was offline.
8th Breach Against Cryptocurrency Platforms In Last 5 Months
This is the 8th major successful security breach against a cryptocurrency platform. Here is a look at seven previous data breaches against cryptocurrency exchanges:
1: July 4th, 2017: Bithumb cryptocurrency exchange was hacked and billions of South Korean Won were stolen.
2: July 17th, 2017: Israeli cryptocurrency social trading start-up CoinDash was hacked and Ethereum worth $7 million were stolen.
3: July 24th, 2017: Cryptocurrency platform Veritaseum was hacked and $8.4 million worth of Ethereum were stolen.
4: July 20, 2017: Parity Technologies suffered a data breach in which $32 Million in Ethereum from 3 multisig wallets were stolen.
5: August 22nd, 2017, Enigma marketplace was hacked in which hackers stole $500,000 in Ethereum.
6: November 19th, Tether, a start-up firm known for offering dollar-backed cryptocurrency suffered a data breach in which a whopping $30 million worth of tokens were stolen.
7: December 7, 2017: A cryptocurrency mining market NiceHash was hacked in which hackers stole more than $70 million.