Holders of the Ethereum cryptocurrency are nervously waiting to see if millions of dollars drained by white hats in a protection effort will be returned, after attackers stole A$39 million from three victims.
Attackers exploited a vulnerability in the Parity multi-signature wallet this week to steal 153,037 Ethereum from three accounts belonging to cryptocurrency trading platform Swarm City, Edgeless Casino, and the Aeternity project.
The currency is trading at approximately US$203 per Ethereum coin, bringing the value of the stolen funds to over US$31 million (A$39 million).
To stop any more Ethereum from being stolen via the vulnerability, Parity employees - who dubbed themselves the White Hat Group - drained other vulnerable wallets of 377,000 Ethereum and put it into a safe address.
"This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible," Reddit /r/ethereum forum moderator Jordi Baylina wrote.
"If you hold a multisig contract that was drained, please be patient. We are creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there."
He said once the group had finished its work it would be "like nothing happened".
Parity Technologies sent out a critical security alert for its multi-signature wallet, advising people to immediately move assets to a secure address.
The company said the bug has been fixed.
Updated to clarify White Hat Group's involvement.
.png&h=140&w=231&c=1&s=0)
Tech in Gov 2024
