{"id":23470,"date":"2017-07-20T20:01:33","date_gmt":"2017-07-20T20:01:33","guid":{"rendered":"http:\/\/ci027cfe65f00f26c3"},"modified":"2017-07-20T20:01:33","modified_gmt":"2017-07-20T20:01:33","slug":"white-hats-step-save-funds-vulnerable-ether-wallets","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/business\/white-hats-step-save-funds-vulnerable-ether-wallets","title":{"rendered":"White Hats Step In to Save Funds from Vulnerable Ether Wallets"},"content":{"rendered":"
<\/div>
<\/figure>\n

At 11:30 a.m. (CDT) on July 19, 2017, a hacker managed to steal<\/a> 153,000 ETH (approximately $32 million at the time) from three Ethereum wallets by exploiting a vulnerability within the wallets’ multi-signature verification. The affected wallets include the ones using Parity client version 1.5 or later.<\/p>\n

According to a tweet<\/a> by Project Lead Manuel Ar\u00e1oz, the three multisig wallets first targeted by the hack were using Parity client version 1.5 or later, and included Edgeless Casino, Swarm City and \u00c6ternity Blockchain. However, Project Blocktix<\/a> also reported a loss totaling 3,916 ETH. According to ETHNews<\/a>, Blocktix.io was hit by a second attacker who exploited the same vulnerability.<\/p>\n

A Swarm City blog post<\/a> revealed that a group of white hat hackers managed to secure the remaining funds from the affected ETH wallets using the same exploit. The swift response of the white hat hackers allowed them to secure the funds of other vulnerable projects. Unfortunately, funds in the wallets of Edgeless Casino, Swarm City and \u00c6ternity Blockchain are completely lost, though the \u201cwhite hat response team\u201d managed to secure 6,272 of 10,188 ETH at Blocktix.io.<\/p>\n

The White Hat Group announced on Reddit<\/a> that they will create \u201canother multisig for you [the affected users] that has the same settings as your [the users\u2019] old multisig but with the vulnerability removed and we will return your [the users\u2019] funds to you [the users].\u201d The response team warned the Reddit community to be careful with donation addresses below their post since there are \u201ca lot of phishers in the community right now.\u201d<\/p>\n

On July 19, Parity Technologies published a critical security alert<\/a> stating there was a vulnerability connected to Parity Wallets. The users affected by the vulnerability included \u201cany user with assets in a multi-sig wallet created in Parity Wallet prior to 19\/07\/17 23:14:56 CEST.\u201d The company urged users to move all assets from the multisig wallets to a secure address. Wallets seemingly unaffected by the breach include Geth, MyEtherWallet and single-user accounts created on Parity.<\/p>\n

Parity updated its post as of today stating that future versions of their multisig wallets are secure:<\/p>\n

\u201cFuture multi-sig wallets created by versions of Parity are secure (Fix in the code is [here<\/a>] and the newly registered code is [here<\/a>]).\u201d<\/p>\n

Swarm City also posted<\/a> information for users affected by the hack:<\/p>\n

\u201cIf you do have funds in the multisig contract: carefully move your funds to a new account ASAP. If your funds are no longer in your multisig, please check the Black hat and White hat addresses. They might have been saved by the White hat group.\u201d<\/p>\n

To check on funds held by either the black hat or the white hat hackers, see the ETH addresses below:<\/p>\n

White Hat Group\u2019s wallet: 0x1DBA1131000664b884A1Ba238464159892252D3a <\/a><\/p>\n

First hacker\u2019s wallet: 0xB3764761E297D6f121e79C32A65829Cd1dDb4D32 <\/a><\/p>\n

Second attacker\u2019s wallet: 0x1Ff21eCa1c3ba96ed53783aB9C92FfbF77862584<\/a><\/p>\n

The hacks have not only affected the wallets of the victims but also the overall price of ether. According to Coin Market Cap\u2019s stats<\/a>, the price experienced a 15 percent drop from $234.94 (at 0:04, July 19) to $199.70 at the end of the day. However, ETH has since recovered to around $227 today.<\/p>\n","protected":false},"excerpt":{"rendered":"

Criminals have stolen $32 million worth of ether from multisig wallets due to issues with the Parity client.<\/p>\n","protected":false},"author":3533,"featured_media":23471,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[2037,621,2606,356,3539,163],"class_list":{"0":"post-23470","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-ether","9":"tag-ethereum","10":"tag-hacks","11":"tag-multisig","12":"tag-parity","13":"tag-wallets"},"author_data":{"id":3533,"name":"Benjamin Vitaris","nicename":"benjamin-vitaris","avatar_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/12\/benjamin-vitaris-promo-image-96x96.jpg"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/white-hats-step-in-to-save-funds-from-vulnerable-ether-wallets.jpg","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/23470","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/3533"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=23470"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/23470\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/23471"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media?parent=23470"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=23470"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=23470"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}