CoinDash ICO Hacker Nets Additional Ether as Theft Tops $10 Million

Money continues to trickle into an ethereum address compromised during an initial coin offering by a startup called CoinDash.

AccessTimeIconJul 19, 2017 at 9:30 a.m. UTC
Updated Sep 11, 2021 at 1:32 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

A few prospective investors were still sending ether to an ethereum address compromised in an initial coin offering (ICO) held by a startup called CoinDash yesterday, inadvertently bringing the total lost in the theft up to around $10m.

As reported on July 17, $7m was initially stolen by a hacker who altered the contract address of the ICO project. CoinDash said in an updated statement today that 2,000 investors have now sent a total of 37,000 ethers to the fake address after the open sale started.

While only a small number of transactions have been seen since the hack was revealed, one investor sent 50 ethers to the fake address, according to Etherscan.io.

At publication, around 43,500 ether had been sent to the address in total, bringing the value of the theft to just under $10.3m, amid the cryptocurrency market rebound over the last day.

While CoinDash has yet to disclose how the breach occurred, others are beginning to speculate on what caused the issue.

Wu Guanggeng, the COO of China's mining pool Bixin, for example, posited on Weibo that the breach may have actually been made via the domain name server provider. When reached out to by CoinDesk, Wu indicated his source for the information was a WeChat official account that publishes cryptocurrency news for subscribers.

One post from the social messaging account claimed that CoinDash support staff said the hacker first cloned an almost identical website to CoinDash.io, while using a fake contact address.

The imposter then contacted the CoinDash's DNS provider using the registered email to request a redirection of traffic to the false site. Wu suspected the CoinDash email account was also compromised.

While CoinDash has previously stated that investors who have been affected by the hack will receive ICO tokens as compensation, those who made transactions after the website was shut down will not be compensated.

CoinDash did not confirm the cut-off time for the website closure. However, the company tweeted on 10:39 a.m. EST, July 17, that the token sale was over and asked investors not to send "any ETH to any address."

This was followed by another Tweet on 12:47 p.m. that linked to its statement, and another soon after pointing to a form for those who had been affected.

So far the fake contract address has not made any outgoing transactions.

Sink drain image via Shutterstock; fake account details image via Etherscan.io

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.