Israeli digital asset exchange Bancor has suffered a major hack – a sizely $23.5 million – in yet another stark reminder that big industry players simply are not paying attention to their security.
Initially described as a “security breach,” Bancor eventually revealed the hackers exploited a compromised wallet, inserting malicious code in certain smart contracts which “allowed the withdrawal of almost 25,000 Ethereum tokens,” worth approximately $12.5 million.
Funnily enough, $10 million in native Bancor coin BNT was able to be immediately frozen and recovered – Bancor ironicially lauding their ability to freeze tokens in situations such as these. Lately, moves such as these have been heavily criticized.
Bancor claims that no user wallets have been compromised, but have been consistently offline since retreating into maintenance mode this morning. No word as to whether an official wallet played a role in the hack, as Bancor are yet to provide updates of their investigation.
A great feature of blockchains such as Ethereum are its ultimate transparency; it especially allows for fascinated crypto-geeks to peek vicariously into the world high-tech thievery. Some plucky investigators have tracked down the exact wallet used to siphon the digital booty, made viewable through wallet directory Etherscan.
The Tel-Aviv based start-up broke records when it raised over $150 million during its ICO, attracting the attention of investment billionaire Tim Draper, who later joined the firm as an advisor.
Bancor has been going through a rough patch recently. The company actually developed the algorithm responsible for the wildly erratic free-market for memory featured by EOS. Keep in mind, it only took a few weeks for Block.one lead developer Dan Larimer to express the need to overhaul ‘the Bancor Relay’ in a lengthy Medium post.
Bancor, not surprisingly, are a top 21 block producer – not just a partner. The EOS/Bancor ecosystem, at this point, is perhaps just as critical to the overall liquidity of Bancor as it is to the usability of the EOS token.
The two are so intertwined that when the EOS mainnet launched, an official Bancor post declared: “EOS Is LIVE: Now the Real Work Begins.”
The fallout from today’s hack may be felt directly in future EOS elections – especially since investors have already taken to Reddit to scorch Bancor as unfit for candidacy.
Published July 10, 2018 — 09:14 UTC