ICO launch platform KICKICO has announced that it suffered a “security breach” last week. However, it assures its investors that the issue is now “completely eliminated” and that all of its investors’ funds are now safe.
Of all the issues surrounding digital tokens, the risk of hacks is probably the biggest concern for both investors and regulators. Fortunately it seems that in this case at least there is a happy ending.
According to the company, the breach allowed hackers to gain “access to the account of the KICK smart contract” and so control the “tokens of the KICKICO platform.” The ICO was made aware of the issue after a series of its investors complained that tokens “worth 800 thousand dollars” were no longer in their wallets.
After an investigation KICKICO realised that in fact 70 million KICK tokens had been stolen, equivalent to $7.7 million at current exchange rates.
Compromised smart contract
The hack was made possible by the attackers gaining access to “the private key of the owner of the KickCoin smart contract,” though it is not clear how the hackers achieved that access.
70 million KICK tokens spread across 40 addresses were then destroyed, with an equivalent amount of tokens created in 40 addresses controlled by the hackers. Maintaining the same number of total tokens across the network helped to disguise the attack.
KICKICO says that “thanks to the rapid response of our community and our coordinated teamwork” it was able to “regain control over the tokens and prevent further possible losses” by switching the “compromised private key with the private key of the cold storage.”
The company assures its investors that “control over the smart contract has been fully restored” and asks that “all those whose tokens have been stolen” email the company to have those tokens returned. It states that “the situation is under control” and that it “guarantees to return all tokens.”
Image From Shutterstock