In yet another attack on an online cryptocurrency exchange, Shapeshift.io went down for a couple days while they dealt with some malicious intrusion into their server, assessing the damage and keeping their customer base aware of the status the entire time. Within a day of knowing that something wasn’t right with their servers, Shift.io immediately shut down trading and their website and notified customers via a Reddit post.
In the post on Reddit, Shapeshift.io’s CEO Erik Voorhees stated that not a cent of customer money went missing during the attack, which was luckily a product of intentional design in their exchange system. Being well-known as a unique cryptocurrency trading system, Shapeshift.io does not require email or any unique identifying information about their clients in order to trade. All that’s required is a sending and receiving wallet address to interact with their browser-based platform.
Voorhees stated that the server would be completely re-built from the ground up and trading would not be restarted until they were certain that the rest of the infrastructure was secure. While customer money was not stolen, there were some funds that were held up as they were being processed when the site went down, however Voorhees wrote that the customers would receive those funds back as soon as possible.
An additional bit of bad news is that an undisclosed amount of money was able to be stolen out of Shapeshift.io’s hot wallet inventory, however, it doesn’t appear to be too significant amount as it appears to not be affecting Shapeshift.io’s plan for resuming operations moving forward.
Currently, the site is back up and actively trading only Bitcoin and Ether. The Shapeshift.io Twitter account stated that other coins will be trade-able in coming weeks and the company will notify users of that as the process of fixing the back end continues.
With the rise of Ether trading past a market cap of $1bn and the popularity of Ethereum Dapps grows, it’s possible that trading volume and profits at exchanges such as Shapeshift.io have made them an even more attractive target for hackers.
It’s likely a relief for their many users that Shapeshift.io does not store information about traders on their site, so that in the case of this incident, no individuals are affected negatively aside from being unable to trade for a couple days. It's also fortunate that the leadership at Shapeshift.io defaults to transparency, whereas in the case with other bunk exchanges, mum is the word and their downfall.
Featured image from Shutterstock.
Last modified (UTC): March 17, 2017 8:55 AM