Hackers use simple tricks to steal Ethereum worth 7 million dollars in 3 minutes

The theft comes after ICO's Ether trading startup project in Israel carried out ICO (Initial Coin Offering - a form of capital mobilization), allowing investors to pay in Ethereum (a form of cash stock. virtual). In just three minutes of the ICO, an unknown hacker stole more than $ 7 million worth of Ether by tricking CoinDash investors to send 43438.455 Ether to another account that the attacker owned.

How did hackers do it? Coindash's ICO publishes Ethereum addresses on their website for investors to pay with Ethereum. But within minutes, CoinDash warned that their website was hacked and sent a fake address, replaced by the fraudster's address and asked people not to send Ethereum to that account.

However, warning is too late, virtual money that investors sent into the pocket of hackers.

'Unfortunately, it was reported that we were attacked by a hacker during the Token Sale event', the company's website posted a post-event notice. 'In this attack, $ 7 million was stolen by an unknown person. CoinDash Token Sale has secured $ 6.4 million from early contributors and we are grateful for your support. '

CoinDash is currently unknown who is responsible for the attack, and even worse, they are still being attacked. Investors are advised not to send any Ether to any account address on the site, CoinDash emphasizes. According to a screenshot of CoinDash's Slack account posted on Reddit, CoinDash realizes that it only takes 3 minutes.

Hackers use simple tricks to steal Ethereum worth 7 million dollars in 3 minutes Picture 1
It took only 3 minutes for Ehereum to cost $ 7 million to leave

Some people also believe that this incident is not a hack but an internal incident. A user said: 'Is there any evidence that this is a hack? What if CoinDash gave the address and blamed the hacker for taking ETH for free? '

CoinDash's website is now closed and the company requires investors to lose money by sending Ether to the wrong CoinDash Token recovery address (CDT) by filling in the information here. However, investors who send Ether to a fake address after the website collapses will not be reimbursed.

'CoinDash will be responsible for all contributors and will send CDT for each contribution,' the company said. 'Those who send ETH to the fake address on the website and send ETH to the official address CoinDash.io will receive the CDT'.

This is not the first time that ICO funding has been hacked. Last year, $ 50 million also disappeared after hackers exploited the weakness of executing the code at the Decentralized Anonymous Organization (DAO).