Parity, an Ethereum Wallet Exploited. $31m allegedly stolen already

in ethereum •  2 years ago

A very very bad day for Ethereum.

Severity: Critical
Product affected: Parity Wallet
Affected implementations: Parity 1.5 or later
Summary: A vulnerability in a version of the multi-sig contract wallet.sol has been reported.
Mitigation steps: Any user with funds in a multi-sig wallet created in Parity with the affected implementations should immediately move their funds to a secure address.

Source: https://blog.parity.io/security-alert-high-2/

"Edgeless casino, swarm city, and aeternity have all been drained" --CF Slack

Source: https://twitter.com/coinfund_io/status/887757323036446720

Alleged Heist Address: https://etherscan.io/address/0xb3764761e297d6f121e79c32a65829cd1ddb4d32#internaltx

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I guess this is the fix here? https://github.com/paritytech/parity/pull/6103/files

Can anyone explain the technical details of this bug/fix? I'll give a 100% upvote for good answers. ;-)

·

the significance is $31m

·
·

Yes, of course, but I am asking for a technical explanation of the patch I linked to. How was the previous version vulnerable, and how does the patch fix it? (Edited my comment to reflect this)

thx for the info

Wow that is not good PR for Ethereum

Wow, that's bad!

Dang, thats a big hit!

Shit... That's a hell of a paycheck!

coinfund_io CoinFund tweeted @ 19 Jul 2017 - 19:33 UTC

"Edgeless casino, swarm city, and aeternity have all been drained" --CF Slack #parityhack

Disclaimer: I am just a bot trying to be helpful.

Wow, the hits just keep on coming for Ethereum. Not good.

·

where are your coins really safe?

Resteeming - that's awful news for those with holdings.

This is why you use your own hardware wallets

·

it's also why wallets clearly need to be improved - and more hardware wallets need to be available - lots of opportunity for whoever cracks that nut!

I believe MyEtherWallet already stopped allowing Parity as an option to access wallets a month ago.

·

Yep, MEW is fine

·
·

Still absolutely crazy though that millions got stolen like that LOL

Buy more ERC-20 and then cry later.

the rest of the other crypto except that 31 million worth as take by a black hat during this situation has been drained by white hats.

Lol.. rekt

Covering eyes...