Wednesday , December 18 2024
Home / Crypto news / Parity Hacker Returns, Laundering $9M in Ethereum After 7 Years of Inactivity

Parity Hacker Returns, Laundering $9M in Ethereum After 7 Years of Inactivity

Summary:
According to reports from Cyvers Alerts, the hacker who stole 150,000 ETH from the Parity Multisig Wallet version 1.5 in 2017 has resurfaced, moving stolen Ethereum worth million to cryptocurrency exchange eXch. The hacker still has control over 83,017 ETH, amounting to 6.6 million stolen during the 2017 incident. M Worth of Ethereum Laundered A post from X by Cyvers Alerts acknowledges the hacker’s notable patience, marking a significant event in cryptocurrency history. They commenced the laundering of 3,050 ETH, equivalent to M, through eXch, employing various consolidated addresses. 🚨ALERT🚨 In 2017, a vulnerability in Parity Multisig Wallet version 1.5+ led to the theft of over 150K ETH, valued at approximately M USD at the time. The hacker behind this

Topics:
Wayne Jones considers the following as important: , ,

This could be interesting, too:

Chayanika Deka writes Ethena Labs Launches USDtb, Backed by BlackRock’s BUIDL Fund

Wayne Jones writes Prometheum Files Lawsuit Against Critic Matthew Blumberg Amidst Scam Accusations

Wayne Jones writes USDT Transfer Volume on TRON Reaches All-Time High of 7.2B

Chayanika Deka writes Lido Announces Phase-Out of Polygon Liquid Staking Protocol After Community Vote

According to reports from Cyvers Alerts, the hacker who stole 150,000 ETH from the Parity Multisig Wallet version 1.5 in 2017 has resurfaced, moving stolen Ethereum worth $9 million to cryptocurrency exchange eXch.

The hacker still has control over 83,017 ETH, amounting to $246.6 million stolen during the 2017 incident.

$9M Worth of Ethereum Laundered

A post from X by Cyvers Alerts acknowledges the hacker’s notable patience, marking a significant event in cryptocurrency history. They commenced the laundering of 3,050 ETH, equivalent to $9M, through eXch, employing various consolidated addresses.

The original incident, dating back to July 2017, was caused by a bug identified in a multi-signature contract named wallet.sol, which affected the v1.5 or later versions of Parity’s wallet software.

The hacker found a programmer-introduced bug that allowed them to re-initialize the wallet, effectively restoring it to factory settings. This vulnerability allowed the bad actor to gain control of victims’ wallets with a single transaction.

The incident led to unauthorized access and the theft of over 150,000 ETH, valued at $30 million at the time but now worth $442 million at current prices.

Parity Technologies, the company behind the affected wallet, classified the bug’s severity as “critical” and issued public statements advising users with funds in multi-sig wallets to transfer their assets to secure addresses.

However, white hat hackers managed to recover 377,000 ETH that were potentially at risk due to the same vulnerability, providing some relief to affected users.

Analysts Advocate for Robust Coding Standards

Analysts from OpenZeppelin, a blockchain infrastructure platform, provided insights into the possible steps that could have prevented the attack. They emphasized the importance of avoiding the use of certain coding methods, such as the “delegatecall” function, which functioned as a universal forwarding mechanism.

They also emphasized the importance of following robust coding standards within the Ethereum ecosystem, cautioning that overlooking such protocols could result in severe consequences, even from bugs that seem minor.

Parity Technologies, known for its involvement in developing the Polkadot blockchain and Ethereum’s Parity client, develops multi-signature wallets like Parity.

These wallets, designed as smart contracts, enable the management of cryptocurrency assets through a collective agreement among multiple owners. They offer features such as daily withdrawal limits, voting mechanisms, and ownership changes.

You Might Also Like:

Leave a Reply

Your email address will not be published. Required fields are marked *