Ethereum Wallet’s Hacked, not “Buggy”
On November 7 Parity, a popular Ethereum wallet service announced that all owners of their multi-signature Ethereum wallets made from July 20 onward were unavailable until further notice. An estimated 280 million were frozen due to a software flaw that was “accidentally” triggered by a single user.
This user claimed that when they created a wallet with Parity, it was “buggy” and deleted it immediately afterward. Evidently, this caused a chain reaction which shut down around 70 wallets, potentially permanently, due to poor coding on Parity’s part. The status of these funds is yet to be determined.
News has recently come to light from a startup that this disaster was not accidental at all, and they have evidence to back that claim up.
Cappasity is a startup company that used Ethereum as part of the ICO for their AR and VR 3D model marketplace. They claim the 3,264 ether that Parity’s multi-signature wallets hosted are now lost.
The user to blame for the shutdown of the wallets was known as devops199. Parity’s initial report claimed his actions were accidental, but Cappasity is conducting an internal investigation on the subject.
Cappasity followed the actions of devops199 and discovered that he had been attempting to change the ownership and kill the smart contracts on Cappasity’s and Polkadot’s tokens. After a series of attempts, the user eventually set off the bug that ended up freezing many wallets.
The founder of Cappasity, Kosta Popov, made a statement on this matter letting their investors and customers know that the hack has nothing to do with their platform and that they are secure outside of the frozen wallets. Beyond that, their BTC wallets are perfectly fine, and this did not affect other company’s accounts that were connected to Cappasity.
“Our internal investigation has demonstrated that the actions on the part of devops199 were deliberate…When you are tracking all their transactions, you realize that they were deliberate…Therefore, we tend to think that it was not an accident. We suppose that this was a deliberate hacking…We believe that if the situation is not successfully resolved in the nearest future, contacting law enforcement agencies may be the right next step.”
Recovering Parity Wallets
Parity has not yet given an update on the recovery of these wallets. The funds currently remain untouched, but they are inaccessible all the same. The total of Ethereum Cappasity is out, if these funds do not become liquid, totals nearly $1 million.
The Parity debate hearkens back to the fall of Mt. Gox back in the earlier days of BTC, where millions were lost due to the ineptitude of a trusted company. Hopefully, this ends well for people like Popov, but it seems like there’s a long road yet ahead to recovering these funds.