The Israeli-based cryptocurrency exchange Bancor has been hacked, resulting in the theft of about $13.5 million worth of crypto to be stolen from the exchange.
The hack, which happened back In July 9th 2018 at midnight UTC has resulted in an unknown hacker ganing access to one of the wallets of Bancor. The company which uses a smart contract platform based on the Ethereum platform to transfer funds faster than traditional excchange platforms is now in trouble because even with Ethereum’s platform running and promising security, hackers were able to prove them wrong.
More About the $13.5 Million Hack
The hack which resulted in the funds stolen from the exchange has resulted in the successful withdraw of Ethereum tokens, that were 24,984 ETH coins, to be precise. The tokens were reportedy withdrawn from the company wallets to the private wallet of the hacker. But Ethereum funds were not the only coins stolen. The hacker also withdrew the amazing 229,356,645 NPXS coins, which belong to the cryptocurrency Pundy X and this theft ammounts to about $1 million alone.
But the hack did not go as planned, because besides the money which were withdrawn, among which were $10 million in BNT (Bancor) tokens, the hacker was not able to cash them out, since Bancor currently has a security feature, preventing it’s tokens to be cashed out to other exchanges.
Unfortunately, since it is not possible to ban ETH tokens from being traded in the same way, Bancor claims that dozens of ceryptocurrency exchanges have the capability to trace and manually intervene, thus stopping the stolen funds from falling into the thief’s hands.
Only Bancor Company Wallets Compromised
Bancor did not provide detailed analysis on how the hack itself took place, but they have stated that the hack itself targetd only the wallets, belonging to the company, meaning that the attacker refrained from hacking any user wallets. This suspicious theft appears to only be oriented towards the company’s reserves, used as a “cushion”(buffer) for the crypto exchange process.
Bancor Was Warned This Could Happen
What is even funnier about this story Is that Bancor were criticised by security researcher and coder himself Udi Wertheimer that by using smart contracts they do expose their network and make it succeptable to attacks. This is because the coder claims that the Smart Contracts themselves which to serve the purpose to legitimise peer to peer transactions without additonal confirmation by people lack certain cecurity flaus. One of those is that the whole process is run by nodes and the code of the smart contract at hand decides what will happen to the transaction itself. This very flaw of compromising the smart contracts has resulted in over a billion dollars stolen since December last year.
Ventsislav Krastev
Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.
Follow Me:
Wow, looks like they are on top of it.
As far as the Udi statements, Bancor had responded a year ago:
blog.bancor.network/response-to-bancor-unchained-cdb3bd2ba505