Yet another initial coin offering (ICO) project is claiming that it has been the victim of a hack.
Just a week after a prominent ICO saw its sale disrupted, the team behind Veritaseum, the issuer of a cryptocurrency called VERI, is claiming 36,000 of its tokens were stolen and subsequently exchanged for ether.
After one user posted a screen capture of Veritaseum founder Reggie Middleton mentioning the hack on Slack, Middleton later confirmed the theft. There, he said the hackers "dumped" the tokens within a few hours and without the public knowing about the hack.
Based on the address of the hacker or hackers that Middleton located in his post, all the stolen tokens were exchanged on EtherDelta, a decentralized trading platform, of which 80 percent of the volume is in VERI. The exchange only supports the VERI to ETH trading pair.
According to the transaction time, nearly $8 million worth of VERI were traded to ETH, the consecutive large sell orders for which led to a major drop of VERI exchange price to ETH.
Middleton said in the statement that while the hack is unfortunate, the stolen amount was less than 0.07% of the total supply of tokens. In the meantime, he touted an "impressive" demand for VERI amid the flash liquidation by the hacker, which bolstered the token price.
Middleton later responded to CoinDesk, claiming all the stolen tokens came from the company as opposed to investors who participated in its ICO in April this year. According to Veritaseum's website, the tokens are being used to build a P2P software for capital market trading.
"Since the address is ours, and we did not authorize the withdrawal, we came to the conclusion that it was hacked," Middleton said.
Data on Etherscan.io shows that the 36,000 tokens were taken out from the origin address alleged to belong to Veritaseum, and transferred through six additional newly created addresses before being liquidated.
Two hours after the claimed hack, the same address also shifted out an even larger amount – over 96 million VERI. However, Middleton said they emptied the wallet as soon as they sensed a potential threat.
He continued to say that a supplier of the company was compromised, and that this led to the hack, but refused to offer additional details such as the name the company or the attack vector.
Hacker image via Shutterstock