Source: Sophos Naked Security
On the evening of June 29 (ET), users of Classic Ether Wallet were alerted to the sort of news anyone who invests in cryptocurrencies must dread.
It’s not clear who first noticed that something was awry with the the wallet’s classicetherwallet.com domain, but Twitter was soon spewing warnings. By the early hours of the following morning,
the Ethereum Classic cryptocurrency feed offered this confirmation that something unusual was up:
*Warning* We have reason to believe https://ClassicEtherWallet.com has been hijacked. Do not use!!
By the time Cloudflare started warning visitors to the domain about a phishing attack, the news started to sink in: an attacker had taken control of the domain, which meant that anyone using accounts on it to store Ethereum Classic (ETC) currency in it (1 ETC = roughly $18) from the moment of the takeover would potentially have had them pilfered.
With panic setting in, and no quick way to take back the hijacked domain or have it blacklisted until Cloudflare stepped in, some users reportedly even suggested launching a defensive DDoS attack on it to render it unreachable.
Comments on a Reddit thread suggest that hundreds of users might have lost currency worth several hundred thousand dollars, with the attacker manually transferring sums out in small batches. Addresses and keys deposited before the attack were said to be safe.
How on earth did it come to this?
Hackers successfully targeting cryptocurrency wallets used to store virtual currency in supposed safety is far from a new phenomenon. What grabs the attention with this attack – and will doubtless lead to soul-searching – is the relatively simple weakness exploited to pull it off.
For background, Ethereum is actually two currencies: plain Ethereum (ETH) and the Ethereum Classic involved in this incident. How Ethereum came to fork this way is a rather involved story connected to a hack of the currency’s Decentralized Autonomous Organization (DAO) crowdfunding initiative in 2016, which readers can read up on from a number of sources.
Read more here.