On July 20, as reported by CCN, hackers managed to seize $32 million in Ethereum after breaching Parity Technologies’ popular multi-signature wallet software. The hacker, according to blockchain data, managed to steal over 153,000 Ether, part of which he has now managed to cash out.
At the time, Swarm City confirmed they lost over 44,000 Ether, and Edgeless Casino and Aeternity have also fallen prey. Nonetheless, the White Hat Group started to drain various multi-sig wallets to prevent hackers from making more money and managed to obtain over 377,000 Ether (worth over $85.7 million).
The funds the White Hat Group managed to obtain are to be returned to their rightful owners. The group stated that they are going to create a new multi-sig wallet with the vulnerability removed and asked users to be patient.
Hacker Cashes out $90,000
As for the hacker, his funds are now on the move, and some have already been cashed out. According to Etherscan.io, 70,000 Ether have exited the hacker’s address through seven consecutive transactions of 10,000 Ether each.
Further analysis shows that the hacker successfully cashed out 400 Ether through the cryptocurrency exchange service Changelly. At the time these were cashed out, one Ether token was worth about $220, totaling about $90,000. Twitter users quickly pointed out this was happening, and the startup attempted to react.
Hey guys, thanks for notifying us! Seems to be many addresses in chain mixing were used by the hacker. Will investigate that asap!
— Changelly.com (@Changelly_team) July 20, 2017
Changelly then revealed on Reddit that it was unable to do anything about the cashed-out funds. Its service matches cryptocurrency exchanges’ buyers and sellers to calculate the best rates for each user, and keeps no customer information. Moreover, it claimed that the hacker used Tor to access it, so neither IP addresses nor the fiat currencies the funds were exchanged for were traced.
Changelly added that it’s probably a dead end. In a later blog post, it revealed that the hacker’s address had already been blacklisted, and that it is helping investigate the attack in cooperation with MyEtherWallet, Etherscan, and others. It reads:
“Luckily, the Ethereum blockchain is transparent, so we have easily figured out and blacklisted the compromised wallet addresses. However, in order to completely protect funds from theft, there is a need for more measures to be taken.”
When asked about what fiat currencies the hacker changed his funds for, Changelly added that it could not reveal that information, but that “all members of the investigations are in touch.”
Watch out for Phishing Attacks
As previously stated, situations like these are an opportunity for malicious individuals to attack and steal more funds. Before opening links and emails, analyze them carefully, and keep in mind that the breach affected Parity’s multi-signature wallets version 1.5 or higher. Other Ethereum wallets weren’t affected.