Yesterday evening, cryptocurrency exchange EtherDelta sent out a series of tweets warning its users not to use the site. EtherDelta is reporting that they believe their DNS server has been compromised by a hack, and the unknown assailant has created a duplicate of the exchange’s domain.
Their first warning tweet in the series reads:
Dear users, we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta https://t.co/NnqU5Er4rj DNS server. We are investigating this issue right now - in the meantime please DONOT use the current site.— EtherDelta (@etherdelta) December 20, 2017
They described the phishing site to be a copy of their own site, but without the chat button on the navigation bar, nor the company’s official Twitter feed. It also holds fake order books.
⚠️ 2/2 *BE AWARE* The imposer's app has no CHAT button on the navigation bar nor the offical Twitter Feed on the bottom right. It is also populated with a fake order book.— EtherDelta (@etherdelta) December 20, 2017
Following the attack, the cryptocurrency exchange suspended services in the interest of safety. In the meanwhile, the alleged attacker’s Ether wallet has been flooded with warning comments from conscientious EtherDelta users.
Another day, another hack
The appeal of cryptocurrency is largely due to its decentralization and the freedom and anonymity that comes with it. But this lack of centralized and transparent authority does come with a price -- there’s often very little recourse in hacks, such as this one.
As the cryptocurrency market grows, more and more crypto-related services are experiencing attacks and proving vulnerable to them. Youbit, an exchange based in South Korea, recently had to declare bankruptcy after losing 17 percent of its net assets to several hacks, the first one taking place in April and losing a crippling 4,000 BTC.
Mining service NiceHash lost 4,700 BTC in a hack early December, which would be worth almost $80 mln today. Reports also point to North Korea for staging hacking attempts aimed at multiple exchanges in South Korea by using fake job offers and Facebook profiles to gain access to cryptocurrency exchanges.
Similar phishing attempts were made by a Twitter account that was spoofing OmiseGO while the team was announcing a possible AirDrop.
Meanwhile, the EtherDelta team has been doing their best to limit the attack by providing their users with a video showing them how to safely transfer their funds without opening the site.