Smart contract coding company Parity has issued a security alert, warning of a vulnerability in version 1.5 or later of its wallet software.
So far, 150,000 ethers, worth $30 million, have been reported by the company as stolen, data confirmed by Etherscan.io. As reported by the startup, the issue is the result of a bug in a specific multi-signature contract known as wallet.sol. Data suggests the issue was mitigated, however, as 377,000 ethers that were potentially vulnerable to the issue were recovered by white hat hackers.
Parity ranked the severity of the bug as "critical" in its public remarks, urging "any user with funds in a multi-sig wallet" move their funds to a secure address.
Writing in the Parity Gitter channel, Wood said:
On social media, notable blockchain specialists are already weighing in on the situation, with Proof of Existence creator Manual Araoz suggesting that the compromised addresses could potentially belong to notable owners.
Specifically, he identified Edgeless Casino, Swarm City, and æternity – three recent initial coin offering projects built on ethereum – as potentially having been compromised in the thefts.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.