UPDATED 00:13 EDT / JULY 21 2017

EMERGING TECH

‘White hat’ hackers claim they stole $85M in Ethereum tokens for safekeeping

There’s a strange new twist to the Parity Ethereum wallet hacking story Wednesday in which 150,000 ETH tokens ($31 million) was stolen from three companies that had recently raised funds through an initial coin offering.

Now, so-called “white hat” hackers are claiming to have stolen an additional 377,000 ETH tokens ($85 million) for safekeeping and are promising to return the tokens to their owners at a later date.

A spokesperson using the name of “jbaylina” on Reddit claimed that “The White Hat Group” became aware of the vulnerability in the Parity “multisig” Ethereum wallet, so members “took the necessary action to drain every vulnerable multisig they could find as quickly as possible.” Providing evidence of their actions, the user also linked to an Ethereum block explorer address where the stolen, or saved, Ethereum tokens are detailed. The link shows a balance of about 377,105 ETH, proving that they have possession of the funds but not necessarily that they will return to them to their rightful owners.

“If you hold a multisig contract that was drained, please be patient. We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there,” jbaylina wrote, explaining the process in which the Ethereum tokens will be returned. “We will be using the donations sent to us from The DAO Rescue to pay for gas,” he or she added, suggesting that they will be raising money for their alleged “white hat” service.

One interesting part from the Reddit post is the claim that the funds will not be returned until the vulnerability in the Parity wallets is fixed. Parity itself claims to have fixed the problem, suggesting that the hackers may have discovered another vulnerability in the code for the Ethereum multisig wallets that has not yet been publicly disclosed.

Should the putative white hat hackers return the Ethereum tokens to the rightful owners, it could be claimed that they have provided a public service and should be congratulated for doing so. That said, the idea that anyone can take money from a private Ethereum wallet under any circumstances remains a disturbing concept.

Photo: Maxpixel

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.