EtherDelta Hack Metamask
3 min read

Fallout from the EtherDelta Hack Continues

By Editorial Team

Last week we reported about the EtherDelta DNS hack that saw attackers compromise the DNS servers of the exchange and take users to a malicious server.

At the time, the guidance was to avoid logging into the site. Users were told that their funds were safe if they did not enter the private keys.

However, after one week of the exchanged being compromised, users are still getting their coins stolen. This is happening irrespective if they are inserting their details or not.

False Sense of Security

The hack was initially disclosed by EtherDelta as a DNS hack that had being able to snag at least 308 ETH from unfortunate users.

This was no doubt quite a sophisticated scam as the attacker was able to set up a fake address and site that looked nearly identical to the real EtherDelta site.

For those users who only accessed the site through MyEtherWallet and Metamask, they were told that they were not affected by the hack.

However, this appears to have been misleading information.

According to a number of users on twitter, the attack may have been much more damaging than was initially suspected. One of those people who raised the alarm was “Tommy World Power”.

This tweet happened six days after the hack and he claimed that he was not worried because he thought that using Metamask was safe.

Tommy has since been really busy trying to track down the hacker who was able to snatch his coins. He has reached out to Binance and has also placed a bounty of $100,000 for information.

More Victims Come Forward

After Tommy was able to disclose the theft of his coins, numerous other users started reporting similar thefts.

The Twitter account of EtherDelta was inundated with angry users who could not believe that they were initially told that their funds were safe on the exchange.

For example, there was this user who responded to the tweet by Etherdelta. He claims that his funds were stolen even though he did not use the site when the hack took place.

https://twitter.com/balajisi63/status/945385751453323265

This can either mean one of two things. It could mean that the site was compromised much earlier than initially thought or it could mean that the hackers have access to private keys.

Both of these scenarios are quite terrifying.

An Active Hacker

The address that the funds were sent to has been flagged previously as a “Fake_Phishing306” address. This means that the hacker was taking part in a number of phishing scams previously.

Phishing scams are really common in cryptocurrencies as they rely on the sloppiness of the user not to pick up that a domain is off or a page looks suspicious.

In this case, the hackers controlled the domain so were likely to make an extremely convincing phishing site. At last count, the hackers address had over $4.9m.

Another Lesson in Security

Many were of the view that a decentralised exchange would have numerous security benefits over their centralised counterparts and were much less likely to be hacked.

This is clearly an unfortunate occurrence for the adherents.

In this case, the hacker was able to take advantage of another centralised attack target, the DNS servers. The hope is that when Ethereum Name Service domains are released, this could be prevented.

In the meantime, traders should always rely on offline storage options such as a hardware wallet or other cold storage.

Keeping money on an exchange exposes the trader to a number of risks that they may end up regretting.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Latest Posts

Best Crypto Exchanges in 2022

Best Crypto Exchanges in 2022

July 6, 2022 16 min read
Trader Joe Review
Trader Joe Review 2022: Complete Guide to the Top DEX on Avalanche
Trader Joe Review

Trader Joe Review 2022: Complete Guide to the Top DEX on Avalanche

July 2, 2022 30 min read
Huobi Global Review
Huobi Global Review 2022: Good Exchange with DEEP Liquidity
Huobi Global Review

Huobi Global Review 2022: Good Exchange with DEEP Liquidity

June 29, 2022 37 min read
FTX vs FTX US Review
FTX vs FTX US: Which one is BEST for You?
FTX vs FTX US Review

FTX vs FTX US: Which one is BEST for You?

June 27, 2022 14 min read
Bancor Review
Bancor Review: Impermanent Loss Protector?
Bancor Review

Bancor Review: Impermanent Loss Protector?

June 22, 2022 15 min read
Bridge Mutual Review
Bridge Mutual: Insurance for your Crypto
Bridge Mutual Review

Bridge Mutual: Insurance for your Crypto

June 22nd, 2022 22 min read
Serum Review
Serum Review: Solana’s One-Stop DeFi Toolbelt
Serum Review

Serum Review: Solana’s One-Stop DeFi Toolbelt

June 16, 2022 17 min read

Related Posts

Best Crypto Exchanges in 2022

Best Crypto Exchanges in 2022

July 6, 2022 16 min read
Trader Joe Review
Trader Joe Review 2022: Complete Guide to the Top DEX on Avalanche
Trader Joe Review

Trader Joe Review 2022: Complete Guide to the Top DEX on Avalanche

July 2, 2022 30 min read
Huobi Global Review
Huobi Global Review 2022: Good Exchange with DEEP Liquidity
Huobi Global Review

Huobi Global Review 2022: Good Exchange with DEEP Liquidity

June 29, 2022 37 min read
FTX vs FTX US Review
FTX vs FTX US: Which one is BEST for You?
FTX vs FTX US Review

FTX vs FTX US: Which one is BEST for You?

June 27, 2022 14 min read
Bancor Review
Bancor Review: Impermanent Loss Protector?
Bancor Review

Bancor Review: Impermanent Loss Protector?

June 22, 2022 15 min read
Bridge Mutual Review
Bridge Mutual: Insurance for your Crypto
Bridge Mutual Review

Bridge Mutual: Insurance for your Crypto

June 22nd, 2022 22 min read
Raydium Review: Solana’s DeFi Liquidity Mammoth

Raydium Review: Solana’s DeFi Liquidity Mammoth

June 11, 2022 17 min read