EtherDelta, a decentralized trading platform for ether and ether-based tokens, experienced a DNS hijack last week. This incident adds up to the rapidly growing list of cryptocurrency-related hacks. This one is particularly shocking, as EtherDelta is reported to be among the world’s top 75 trading sites.
The hack was more than an ordinary phishing attack. The hacker had hijacked the actual website’s DNS server and put up a fake version of the site that was visible to whoever visited. Anyone who used the EtherDelta website on December 20th experienced the attack. Users were unknowingly served a fake version of the website.
EtherDelta’s first response to the attack was a tweet warning users not to use their website. The company later tweeted that two kinds of users are “completely safe from the phishing attack.” The first category was of people using metamask or hardware wallet on EtherDelta. Second was said to be those that never had entered their private keys on the fake website.
The website was declared safe last Friday. If the affected users’ complaints are to be believed, then none of the exchange’s clients are safe, even now. There are users who did not lose anything at the time of hack, but are now losing funds. Considering the company’s daily trading volume of $11 million, criticism from users is inevitable.
Thousands of dollars stolen
EtherDelta has confirmed that at least 308 ETH has been lost as a result of this attack. Total loss is estimated to be around $270,000, plus hundreds of thousands of dollars lost in the form of tokens. The hacking incident is obviously not the first of its kind.
Cryptocurrency miner, NiceHash, experienced a hack just two weeks prior to this incident. NiceHash has been fixed and is currently working again. South Korea-based Youbit was not as lucky. After being hacked twice this year, the exchange filed for bankruptcy. Tether, a startup working with bitcoin exchanges, reported a loss of $31 million in a similar incident last month.
Early reports agreed that the EtherDelta attack had been mitigated and the only accounts affected were those used in the specified interval of time. However, recent complaints from affected clients tell a different story. Users have taken to social media to share stories of their accounts being wiped a week after the incident. Some of the victims even denied having used the website on the day of the hack.