The cryptocurrency craze is showing no signs of stopping as exchanges and ICO (Initial Coin Offering) platforms continue to experience breaches and virtual robberies. The latest such example comes from KICKICO, whose clients lost a whopping $7.7 million in Kick tokens, or KickCoins, after getting hacked by an unknown attacker.
The firm acknowledges the attack in a July 26 post on Medium, admitting it hadn’t a clue about the breach until customers desperately called in to report losing hundreds of thousands of dollars’ worth of KickCoin (a ‘sub-species’ of the digital currency Ethereum) overnight.
“KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets,” the post reads.
Apparently, the attacker avoided tripping any wires by simply destroying tokens at 40 addresses and creating tokens (in the exact corresponding amount) at another 40 addresses controlled by him. As KICKICO would normally notice such substantial and sudden shifts in funds, this method enabled the thief to fly under the radar.
An investigation into the hack revealed that the perp managed to run off with a total of 70,000,000 KICK, or the equivalent to $ 7.7 million at the time.
“Thanks to the rapid response of our community and our coordinated team work, we were able to regain control over the tokens and prevent further possible losses by replacing the compromised private key with the private key of the cold storage,” the firm notes.
An apologetic KICKICO encourages everyone with questions regarding the attack to contact the company through its official social channels or email (firstname.lastname@example.org). Perhaps the best news is that all KickCoin holders who saw their wallets emptied will soon see their funds replenished.
“KICKICO guarantees to return all tokens to KickCoin holders. We apologize for the inconveniences, but claim that the situation is under control,” says KICKICO.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta. Read the original post at: https://hotforsecurity.bitdefender.com/blog/unknown-attacker-runs-off-with-7-7-million-in-kickcoin-after-hacking-40-wallets-20161.html