SpankChain, a cryptocurrency project focused on the adult industry, has suffered a breach that saw almost $40,000 in ethereum stolen.
In a blog post published Tuesday, the SpankChain team disclosed the hack, saying 165.38 ETH had been lost at around 18:00 PST on Saturday.
The intrusion, which the post said was made possible by a bug in the network's payment channel smart contract, also caused $4,000 in SpankChain's BOOTY token to be frozen.
"Unfortunately, as we were in the middle of investigating other smart contract bugs, we didn't realize the hack had taken place until 7:00pm PST Sunday, at which point we took Spank.Live offline to prevent any additional funds from being deposited into the payment channels smart contract."
Of the cryptos stolen, $9,300 worth of ETH and BOOTY belonged to users, and the remainder to the project.
SpankChain warned of 2-3 days' delay ahead while its developers patch the issue behind the hack, redeploy a new smart contract and fix the other contract issues that were already being worked on.
The team says, it seems the attack was due to a "Reentrancy" bug, similar to the one that allowed a major hack of The DAO crypto project in 2016.
"The attacker created a malicious contract masquerading as an ERC20 token, where the 'transfer' function called back into the payment channel contract multiple times, draining some ETH each time," the team said, adding that it will undertake an "In-depth investigation of the attack" in the coming days.
SpankChain further conceded it had decided not to pay for a security audit for the payment channel contract due to the costs involved "Taking into account both the perception value and opportunity cost of the time spent reacting to the hack, it would have been worth it," the post says.
The firm concluded by pledging it would improve its security practices, "Making sure to get multiple internal audits for any smart contract code we publish, as well as at least one professional external audit."
SpankChain Loses $40K in Hack Due to Smart Contract Bug
Udgivet den Oct 9, 2018
by Coindesk | Udgivet den Coinage
Coinage
Nævnt i denne artikel
Seneste nyheder
Se alt
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.