Hacker steals more than $7 million in digital currency by switching a mere link

digital currency
Security firm Tripwire reports that a hacker managed to steal more than $7 million in digital currency by simply replacing a single link. The hack took place on Monday during an event called an Initial Coin Offering (ICO) to reel in investors of a cryptocurrency app called CoinDash. However, early investors quickly discovered that a link for depositing digital currency on the CoinDash website was not legitimate.

According to Tripwire, trading platform CoinDash began its ICO at 1 p.m. (GMT). Three minutes later, investors figured out that the link for sending Ether, a type of digital currency, was taking them to the wrong deposit location. Within those three minutes, the hacker managed to accumulate more than $7 million before CoinDash terminated the ICO and removed the page.

“The moment the token sale went public, the CoinDash website was hacked and a malicious address replaced the CoinDash Token Sale address,” CoinDash said. “As a result, more than 2,000 investors sent ETH to the malicious address. The stolen ETH amounted to a total of 37,000 ETH.”

Ether is the digital currency of the world’s second most popular cryptocurrency network, Ethereum. This platform consists of smart contracts, which are essentially bits of code that will execute when certain requirements are fulfilled. These “apps” are listed on the Ethereum network using what is called a blockchain, which serves as a registry that records all transactions. Ether, abbreviated as ETH, is what’s used to pay for things and services listed on the Ethereum network.

So why not just use real world cash? Because digital currency is decentralized. It’s not managed by banks or the government. Plus, both the merchant and buyer can remain completely anonymous, with a transaction digitally signed and verified by an unknown miner on the associated network. Ether is similar to Bitcoin in purpose although technically they are completely different digital currencies.

Individuals who successfully participated in a private “heads up” for whitelist contributors 15 minutes prior to the public ICO received “tokens” as proof of their CoinDash app investment. However, those who invested Ether using the hacked address are reportedly now demanding a refund. After all, the CoinDash website was not locked down tight, enabling a hacker to insert a simple link that collected millions in stolen digital currency.

However, many Ether users reportedly flocked to social networks and questioned the theft. Was this a genuine hack, or a simple scam using a hack as a cover story? As Tripwire states, there is no evidence to suggest foul play.

CoinDash is currently providing an online form for victims to complete as part of the company’s forensic investigation into the hack. Victims are asked to provide their email address, wallet address, a proven transaction number, and the amount of Ether sent.

“This was a damaging event to both our contributors and our company but it is surely not the end of our project,” CoinDash added. “We are looking into the security breach and will update you all as soon as possible about the findings. We are still under attack. Please do not send any ETH to any address, as the Token Sale has been terminated.”

Despite the hack, CoinDash said that it managed to secure $6.4 million from early contributors and whitelist participants in the 15-minute “heads up” prior to the ICO. Those who sent digital currency to the wrong Ether address during the hack will still receive tokens. Otherwise, investors who sent Ether to the wrong address after CoinDash removed the ICO page will not receive investment tokens.

Update: Added new information provided by CoinDash.

Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Emerging Tech

Scoot your commute! Here are the 9 best electric scooters on the market

Electric scooters are an affordable, convenient way to minimize your carbon footprint and zip around town. Check out 8 of our current favorites, whether you're working with a budget or have some cash to spare.
Gaming

These are the best Xbox One games available right now

More than four years into its life span, Microsoft's latest console is finally coming into its own. From 'Cuphead' to 'Halo 5,' the best Xbox One games offer something for everyone.
Computing

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Computing

New rumors say the Pixelbook 2 could show up at CES 2019

What will the Pixelbook 2 be like? Google hasn't announced it, but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.
Computing

We want every laptop to be as thin as an iPhone. But is it practical?

The Acer Swift 7 is the thinnest notebook you can buy, and it feels like the notebook of the future. But it makes too many compromises along the way, and some weird design choices hold it back.
Computing

A dead pixel doesn't mean a dead display. Here's how to repair it

Dead pixel got you down? We don't blame you. Check out our guide on how to fix a dead pixel and save yourself that costly screen replacement or an unwanted trip to your local repair shop.
Computing

You could spend $1,000 on an iPhone, or buy one of these awesome laptops instead

Finding a decent laptop is easy, but finding one under $1,000 is a bit tricky. Luckily, we've taken some of the guesswork out of picking out a budget laptop. Here are some of our favorites, the best laptops under $1,000.
Computing

Don't know what to do with all your old DVDs? Here's how to convert them to MP4

Given today's rapid technological advancements, physical discs are quickly becoming a thing of the past. Check out our guide on how to convert a DVD to MP4, so you can ditch discs for digital files.
Computing

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…
Computing

Supermicro investigation: no spy chips found on our motherboards

Supermicro announced the results of an investigation into the controversy surrounding its motherboards. The investigation was launched in response to reports that alleged the motherboards were compromised with malicious hardware.
Photography

Photographers can now customize the layout of Lightroom Classic controls

Tired of scrolling past Lightroom tools that you don't use? Adobe Lightroom Classic now allows users to reorganize the Develop panel. The update comes along with new sharing options in Lightroom CC, and updates to the mobile Lightroom app.
Cars

Best Products of 2018

Our reception desk has so many brown boxes stacked up, it looks like a loading dock. We’re on a first-name basis with the UPS guy. We get new dishwashers more frequently than most people get new shoes. What we’re trying to say is: We…