Receive all Cointelegraph news immediately in Telegram.
MIT grad and Enigma CEOs email comprised and thousands of Ether are stolen
Enigma, a decentralized investment platform, has become the latest to fall victim to ICO hacking.
In an ironic twist, after the hack of Coindash’s website during an ICO, Can Kigasun, co-founder and Chief Product officer even told Business Insider that Enigma has a simple solution that can prevent similar situations from happening in the future.
To be exact, the Enigma platform wasn’t hacked, but rather the founder’s email and password were stolen, and then used to take over the company slack, website and the google account that was hosting the pre-sale form.
The access has since been deactivated.
In an even more compelling twist, the founder’s email and password were taken during the Ashley Madison hack, and he never ended up changing passwords.
In fact, the company itself didn’t wind up losing any money in the attack.
Once the attackers had access to the company’s website and slack, they sent out messages to over 9,000 users.
They changed the website with their BTC and ETH wallet address and made fake emails that included a community list, to make it look more official, and urged the users to send money to their personal wallet.
The hackers made off with 1,492 in Ether coins, despite the warning Enigma issued previously to the community that it would not be collecting money in this manner prior to its ICO next month.
IMPT: read the following info from Enigma re: recent scam attempt. Join our Telegram to speak with team admins: https://t.co/SSGIsJ2ZWe pic.twitter.com/mM5mcaAzqG— Enigma Project (@EnigmaMPC) August 21, 2017
IMPT: read the following info from Enigma re: recent scam attempt. Join our Telegram to speak with team admins: https://t.co/SSGIsJ2ZWe pic.twitter.com/mM5mcaAzqG
Enigma has since regained control of their Web pages and have said the dedicated token sale site was not affected.
A company spokesperson said, “It resides on a separate, more secure server which was never compromised.”
Additionally, the company stated they have implemented new security measures such as stronger passwords and two-factor authentication (2FA) for all employee email accounts.
Enigma’s response was swift, but too little too late, particularly for a company that prided itself on security and data safety. The irony here can’t be ignored.
Follow us on Facebook
For updates and exclusive offers, enter your e-mail below.
One fine body…
Thank you for contacting us! We will reply to you as soon as possible.
Thank you for your interest in our franchise program.
We are considering your request and will contact you in due course. If you have any further queries, please contact:
Reset letter sent.
Please checkout your mailbox for password reset details