CoinDash Cryptocurrency ICO Website Hacked, Assailant Steals US$7m Worth of Ethereum

It is neither the first nor the last time we will see a cryptocurrency ICO suffering from a major hack. The InsureX ICO was affected by a large hack not too long ago. CoinDash, a new cryptocurrency, has reported that over US$7 million worth of Ethereum was stolen in about 30 minutes. That is a major problem for any cryptocurrency ICO, even though the team is working on issuing tokens to the affected investors regardless.

CoinDash ICO Is Another Example of Mismanagement

While cryptocurrency ICOs are all the rage right now, they have also attracted the wrong kind of attention lately. Criminals are more than willing to exploit any weakness found on cryptocurrency ICO websites and make a lot of money doing so. The InsureX ICO was hijacked by an unknown assailant, and someone used a similar approach to defraud potential CoinDash investors. When everything was said and done, US$7 million worth of Ethereum was stolen, all of which will eventually be dumped onto exchanges.

CoinDash’s website was hijacked by an unknown hacker as the company was still raising money. That is not unusual, since only a few ICOs sell out in mere minutes. However, the address listed on the CoinDash website was not the official Ethereum smart contract address used to issue tokens based on the amount of Ether invested.

Everyone who followed the instructions to send money to that particular address would have their money stolen. So far, it seems that close to US$7 million worth of Ethereum has fallen into the wrong hands. Close to 2,130 transactions were identified related to this bogus address. For the time being, no one knows for sure if the money will be sent to an exchange and dumped on the open market. This points to one downside to using cryptocurrency for criminal purposes: everyone can track where the funds come from and where they go at any given time.

This is yet another example of how cryptocurrency ICOs prove to be a fatal weakness in this decentralized ecosystem. All of the projects raising money promote decentralized technologies like blockchain, smart contracts, and other things. Given that, it is remarkable to see all of those projects using a centralized website proving to be a major weakness. We have now seen two such sites hijacked recently.

Thankfully, it appears that the CoinDash team will reimburse the affected investors. Tokens will be issued to the people who sent money to the wrong address. Proving ownership of such transactions to a fraudulent address will be a different matter altogether. Such events often attract a lot of people making bogus claims of losing money to the scammer and seeking to get their hands on the tokens they are “owed.” Verifying such claims will be a challenge for the CoinDash team.

Trusting unknown entities with your hard-earned money is a problematic side effect of cryptocurrency ICOs, especially if said companies fail to secure their own website. Such a group of developers will struggle to build the project they claim to offer as well. One thing’s for sure, though: cryptocurrency ICOs have a horrible reputation, and public perception will not be improved by hacks like these.