Parity Wallet Hacker Cashes out $90,000 in Stolen Ether

Piggy-bank
20 July 2017

Roughly $90,000 in stolen ether confiscated as a result of a bug in a popular ethereum wallet software service yesterday have been cashed out, blockchain data shows.

As reported by CoinDesk, a total of 153,000 ethers were drained on July 19 due to a security bug in multi-signature wallet software offered by the startup, UK-based Parity Technologies. In a blog post yesterday, Parity went so far as to warn users that the bug was “critical,” advising them to take steps to safeguard their funds while the issue was resolved.

However, the stolen funds continue to move. As of press time, 70,000 ethers have exited the hacker’s address in seven consecutive transactions, each worth 10,000 ethers.

Data further shows the first transaction (which through two subsequent addresses), successfully cashed out 400 ethers via a cryptocurrency exchange service called Changelly. The price of ether around the transaction time was around $220, making an outflow worth nearly $90,000.

Changelly subsequently said in a Reddit thread that it has blacklisted the hacker’s root address, but that the amount that has already been exchanged is permanently gone. The startup’s involvement is also notable, as it provides a service that matches buyers and sellers of cryptocurrencies with exchanges, calculating the best rates for the user.

As a result, it does not hold funds or take customer information.

The startup further said the hacker used the Tor network to connect to its service, meaning it was not able to trace the IP addresses or the fiat currencies the funds were exchange for.

“It’s a dead end,” Changelly posted on Reddit.

So far, the commerce platform Swarm City and smart contract platform æternity, both confirmed the loss of over 120,000 ethers from their ends. A third suspected victim, Edgeless Casino, has yet to offer public comment.

Piggybank image via Shutterstock