• X
  • Listen in to our latest podcast!

    November 8, 2017

    Attack on popular Ethereum wallet results in the lock-up of over 500,000 Ether

    Parity vulnerability locks up Ethereum

    :An anonymous group has exploited a vulnerability in Parity’s multi-signature Ethereum wallets, resulting in the lock-up of over 500,000 Ether.

    Ethereum has enjoyed consolidation around the $300 USD mark in recent weeks despite Bitcoin’s meteoric gains, though now the cryptocurrency is in the midst of a new attack which has succeed in locking up over a reported 500,000 Ether.

    Parity Technologies – the firm behind popular wallet service Parity – disclosed a new vulnerability in its services that has been targeted by an anonymous group.

    Read: The United Nations leverages the Ethereum Blockchain to send aid to Syria

    The issue affects multi-signature wallets, which itself uses the consent of multiple different parties for security on transactions. The issue specifically pertains to multi-signature Parity wallets that were deployed after the 20th of July this year.

    Previously this year, a vulnerability within Parity’s services reportedly led to the theft of over 150,000 Ether.

    On the firm’s official website, the company explained that:

    Following the fix for the original multi-sig issue that had been exploited on 19th of July (function visibility), a new version of the Parity Wallet library contract was deployed on 20th of July. However that code still contained another issue – it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function. It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library.

    Though no reports have surfaced that indicate that any Ether has been stolen, Parity has clarified that the funds are still frozen and are immovable.

    Though Parity itself has disclosed that the total Ether at risk is speculative, estimates have predicted that anywhere from 500,000 to 600,000 worth of Ether could be frozen.

    Read: As Bitcoin booms, the Winklevoss Twins’ investment could close in on $1 billion dollar value

    We’ll update this story as news develops.

    What are your thoughts? Be sure to let us know your opinion in the comments below!

    Follow Bryan Smith on Twitter: @bryansmithSA

    Listen in to our latest podcast!