Topic: A hacker stole $31M of Ether  - page 2. (Read 1139 times)

I think this is not a new attack but rather it happened around last month of this year. This is not new. And its not the flaw design in Ethereum or Smart contracts but rather the programmers faults. Its a simple design flaw that the hacker or group of hackers was able to exploit. Good thing the funds was not totally drain because of the action of the white hackers. And I think the funds has been released already to the right owners.


To really understand how the hacker exploited it. Here is a detail explanation:

http://haseebq.com/a-hacker-stole-31m-of-ether/

It's really the deveoper's fault, However, we are all human and prone to mistakes. I been a programmer myself and I have encountered a lot of design flaw. That's is why I moved to Software Testing or QA to found defects before releasing the software. However, I'm no longer in the IT industry anymore. 

what is source of this article because this happen before also this new hack again ..form where you get this news ??

Is there any explanation online on how the hack could have happend? The technical details behind it? This seems pretty big to me. Wondering why i haven't really heard about it.

Yesterday, a hacker pulled off the second biggest heist in the history of digital currencies.
Around 12:00 PST, an unknown attacker exploited a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. Given a couple more hours, the hacker could’ve made off with over $180,000,000 from vulnerable wallets.
But someone stopped them.

Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did.

By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $150,000,000.
Yes, you read that right.

To prevent the hacker from robbing any more banks, the white-hats wrote software to rob all of the remaining banks in the world. Once the money was safely stolen, they began the process of returning the funds to their respective account holders. The people who had their money saved by this heroic feat are now in the process of retrieving their funds.

It’s an extraordinary story, and it has significant implications for the world of cryptocurrencies.
It’s important to understand that this exploit was not a vulnerability in Ethereum or in Parity itself. Rather, it was a vulnerability in the default smart contract code that the Parity client gives the user for deploying multi-signature wallets.

This is all pretty complicated, so to make the details of this clear for everyone, this post is broken into three parts:
What exactly happened? An explanation of Ethereum, smart contracts, and multi-signature wallets.
How did they do it? A technical explanation of the attack (specifically for programmers).
What now? The attack’s implications about the future and security of smart contracts.


Courtesy by : Haseeb Qureshi