The Adult entertainment crypto-based project SpankChain was anonymously hacked and suffered a loss of 165.38 ETH, around $38000 reported by the firm on its Medium page on October 9.
The hack which originally took place on Saturday at 6.00 pm PST was spotted by Spank Chain a day after, and was disclosed today in a blog post dubbed “We Got Spanked: What We Know So Far”. Incognito hackers managed to breach the system and flee with 165.38 ETH from the firm’s payment channel smart contract.
In addition to this, the hack caused the arrest of $4000 which is worth of project’s internal token known as BOOTY. Though most of the funds belong to the firm itself, SpankChain claimed that client refunds are of foremost importance. The firm will soon reimburse $9300 worth of Ethereum and ICO tokens directly to users account through Airdrop.
The SpankChain developers were in the midst of inspecting smart contract bugs at the time of the attack. Consequently, the firm was unaware of the hack had taken place until 7.00 pm PST on Sunday.
So the company instantly made Spank.Live offline in order to prevent any future funds from being deposited into the payment channel smart contract. It is anticipated that the website reboot will take around two to three days in order to reset all the system including resetting the smart contract and native token distribution, remove the security bugs and implement airdrop reimbursements.
The developers of SpankChain have deciphered that the hacker exploited a“reentrancy” bug alike the one exploited in the DAO (The Decentralized Autonomous Organization) attack.
The attacker trespassed the reentrancy bug, created a malicious contract impersonating as an ERC20 token in which the transfer function was called back into the smart contract a number of times, draining ethereum every time, the reports explained.
According to the reports, the firm has stated that it will be enhancing its security policies as well as guarantee multiple internal system audits and one external audit for any smart contract code established.
Basically, a smart contract is a crypto contract which controls the transfer of cryptocurrencies between parties under a certain set of protocols. It automatically enforces the obligations specified for the transaction to take place.
Though the smart contracts are difficult to hack, they are still in their infancy and will take time to mature.
Comments
Post a Comment