Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Cryptocurrencies

Parity wallet vulnerability lets hacker steal millions worth of Ethereum

Friday 21 July 2017 | 08:34 AM CET

A hacker has stolen over USD 30 million worth of Ethereum cryptocurrency, by abusing a vulnerability affecting a wallet client.

The attack occurred on July 19 and was detected by Parity, a company founded by Ethereum creator Gavin Wood, shortly thereafter. After the incident, the company released a security advisory warning of a vulnerability affecting versions 1.5 and later of its wallet.

The flaw affected a wallet variant of the company’s standard multi-sig contract. Multi-sig (“multiple-signature”) wallets are accounts for Ethereum, which operate under the control of multiple users with their own keys. Users can move funds out of a multi-sig wallet only if a majority of the wallet’s owners sign transactions with their keys.

The party responsible for the hack exploited the flaw in vulnerable Parity wallets to move more than 150,000 Ether (then worth close to USD 32 million) to an address under their control. It is unclear how many wallets from which the hacker stole; however at least three victims have come forward so far: Swarm City, Edgeless Casino and Aeternity.

Users with vulnerable Parity multi-sig wallets are advised to move their assets to a secure address. Furthermore, they should also be wary of phishers who might try to trick users into revealing their wallet addresses. In the meantime, Parity is working on a fix and has already ensured that future multi-sig wallets are protected against the vulnerability.

More: Link
 advertisement
 advertisement
 advertisement
 advertisement