Cryptocurrency startup BeeToken has been hacked. The attackers targeted its initial coin offering (ICO) with phishing attacks and have already duped gullible investors for over $1 million worth of Ethereum.
Using email addresses like [email protected], scammers contacted would-be buyers who then signed up for the full token sale. But how the scammers acquired investors’ emails is not immediately clear. May be the startup failed to properly protect its email database. The attackers coordinated their phishing emails along with the official launch of the BeeToken ICO. The scheme involved emailing victims an ethereum address or a QR code which lead to the address, telling them to invest quickly to significantly increase their returns. In such a manner the swindlers collected at least $928,000 from potential investors.
Last week the company confirmed the existence of the scams and said that investors should only send funds to an address listed on the startup’s official website. Bee Token has written: “We will NEVER communicate ANY funding address via any channel other than on beetoken.com. If you are solicited to send money to an address (even if it’s from a thebeetoken.com email address, official Bee Token social media accounts, or Bee Token telegram moderator/group), please report this to a moderator on Telegram (@DTodd) and email [email protected]”
Do not trust Bee Token scam emails that do NOT come from [email protected] We will not ask anyone via Telegram DM or in our channel for ETH. The ETH address will be communicated at https://t.co/RDSbZSZhkt at 12 PM PST. https://t.co/noKOnrNQU6 pic.twitter.com/ZYAJ0b95S1
— The Bee Token (@thebeetoken) January 31, 2018
In another statement, the company stated it would not use QR codes, give 100% bonuses, accept more than 0.3 ETH or partner with Microsoft.
Bee Token is a decentralized ecosystem for the sharing economy powered by the BEE token with a seasoned team of industry veterans from some of the most disruptive companies in Silicon Valley including Google, Facebook, Uber, and Civic, reimagining the sharing economy by leveraging the efficiency and security of the Bee Protocols.
The startup completed a successful private pre-sale in late December. Recently it partnered with San Francisco-based financial services platform WeTrust to create a decentralized competitor to home-sharing service AirBnB. Bee Token public ICO was launched on January 31.
The phishing attacks are pretty unfortunate, especially for the numerous duped investors who were promised a safer service on the blockchain. Since BeeToken exists on the Ethereum blockchain, users can’t claim their Ethereum back. This conundrum is something decentralized systems will be facing even more in the near future, especially now that the technology is finally taking off in the mainstream.
BeeToken CEO Jonathan Chou told that “the company does not store customers’ data in a centralized database like Airbnb.” He added: “We are not at risk of exposing all of our customers’ data in one go if there is a security breach.”