The flaw in the Parity Ethereum client has resulted in a massive theft this week. An unknown hacker exfiltrated funds from multi-sig wallets created with Parity clients 1.5 and later having totally stolen more than 153,000 Ether, which is equal to more than $30 million dollars.
The distinctive feature of multi-sig wallets is control of multiple people who have their own keys. The transaction is approved and processed only if the majority of owners sign it with their key. Parity 1.5 was released on January 19, 2017.
Once the attack occurred, Parity, a company founded by Gavin Wood, Ethereum’s founder, detected it and issued a security alert on its blog. Reportedly, the Ether stolen from Parity multi-sig accounts is stored now on this Ethereum wallet that had 153,017.021336727 Ether at the time of hack.
The timely reporting of the attack by Parity resulted in one more theft. A group named The White Hat Group stole the rest of Ether stored in other Parity wallets using the same vulnerability area. This money now resides in this Ethereum wallet. It currently holds 377,105.329999703743767504 Ether.
Allegedly, the White Hat Group consists of security researchers and members of the Ethereum Project who have taken it into their own hands to secure funds in vulnerable wallets. The group informs that it is going to return the funds.
Now, the Parity team is involved in urgent fixing the problem. Users who still hold funds in multi-sig wallets created with a Parity 1.5+ client are highly recommended to move the funds to a secure single-user wallet.
The hack resulted in Ethereum price dropping from around $230 to current $215, according to the CoinMarketCap.
The second theft taking place this week
This hacker attack is the second one this week. Earlier, a hacker stole $7 million worth of Ethereum from CoinDash. A couple of days ago, a Blockchain-based trading platform informed that its ICO was abruptly halted as $7 million out of $12 million raised was stolen by hackers. Investors were to pay in Ethereum to the token sale’s smart contact address that was hacked and changed to a fraudulent address.
“This was a damaging event to both our contributors and our company but it is surely not the end of our project,” the company said.
CoinDash took the full responsibility for the attack and ensured that all investors who sent funds to the CoinDash address before the ICO or Token Sale event ended would be credited with its native token CDT. Now, the primary task for the team is to recover and provide CDTs to the affected investors.