Share this article
SpankChain Loses $40K in Hack Due to Smart Contract Bug
SpankChain, a cryptocurrency project focused on the adult industry, lost almost $40,000 due to a smart contract flaw on Saturday.
Updated Sep 13, 2021, 8:28 a.m. Published Oct 9, 2018, 2:00 p.m.
Make us preferred on Google
SpankChain, a cryptocurrency project focused on the adult industry, has suffered a breach that saw almost $40,000 in ethereum stolen.
In a blog post published Tuesday, the SpankChain team disclosed the hack, saying 165.38 ETH (worth around $38,000 at the time) had been lost at around 18:00 PST on Saturday. The intrusion, which the post said was made possible by a bug in the network's payment channel smart contract, also caused $4,000 in SpankChain's BOOTY token to be frozen.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
It apparently took over 24 hours for the project to realize the hack had taken place, with the post stating:
"Unfortunately, as we were in the middle of investigating other smart contract bugs, we didn't realize the hack had taken place until 7:00pm PST Sunday, at which point we took Spank.Live offline to prevent any additional funds from being deposited into the payment channels smart contract."
Of the cryptos stolen, $9,300 worth of ETH and BOOTY belonged to users, and the remainder to the project. According to the blog post, full refunds will be "sent directly to users' SpankPay accounts, and will be available as soon as we reboot Spank.Live."
SpankChain warned of 2–3 days' delay ahead while its developers patch the issue behind the hack, redeploy a new smart contract and fix the other contract issues that were already being worked on. Limits on the use of BOOTY tokens have also been put in place temporarily.
So far, the team says, it seems the attack was due to a "reentrancy" bug, similar to the one that allowed a major hack of The DAO crypto project in 2016.
"The attacker created a malicious contract masquerading as an ERC20 token, where the 'transfer' function called back into the payment channel contract multiple times, draining some ETH each time," the team said, adding that it will undertake an "in-depth investigation of the attack" in the coming days.
SpankChain further conceded it had decided not to pay for a security audit for the payment channel contract due to the costs involved, However, "taking into account both the perception value and opportunity cost of the time spent reacting to the hack, it would have been worth it," the post says.
The firm concluded by pledging it would improve its security practices, "making sure to get multiple internal audits for any smart contract code we publish, as well as at least one professional external audit."
Adult content image via Shutterstock
More For You
KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.
What to know:
- KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
- This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
- Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
- Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
- Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
More For You
Cathie Wood’s ARK Invest files for two crypto index ETFs tied to CoinDesk 20
One proposed fund will attempt to exactly mimic the CoinDesk 20, but the other would track the index, excluding bitcoin.
What to know:
- ARK Invest has filed with U.S. regulators to launch two cryptocurrency ETFs tracking the CoinDesk 20 index.
- One proposed fund would track the CoinDesk 20, which provides exposure to major tokens, including bitcoin, ether, solana, XRP, and cardano. The other would track the same index, but exclude bitcoin, by pairing long index futures with short bitcoin futures.
- The funds, which would list on NYSE Arca if approved, aim to offer diversified crypto exposure without direct token custody and follow similar, still-unapproved crypto index ETF proposals from WisdomTree and ProShares.
Top Stories
