SpankChain XXX Crypto Token Experiences $40,000 Hack in Ethereum (ETH)


SpankChain Hack $40K Loss

On October 9, 2018, SpankChain, a cryptocurrency project in the adult industry, reported that it has been the victim of a breach that has led to the theft of $40,000 in Ethereum (ETH).

The platform issued a block post in which the SpankChain platform’s team disclosed the hack. Interestingly enough, the post indicates that the hack took place on Sunday, but is only reporting it two days later.

The platform also reported that the hack was due to a bug on the network’s payment channel smart contract, which has also led to the freeze of $4,000 in SpainChain’s BOOTY token. Specifically, the platform posted:

“Unfortunately, as we were in the middle of investigating other smart contract bugs, we didn’t realize the hack had taken place until 7:00pm PST Sunday, at which point we took Spank.Live offline to prevent any additional funds from being deposited into the payment channels smart contract.”

Of the $40,000 in stolen cryptocurrency, $9,300 worth of ETH and BOOTY belonged to the platform’s users. The remainder of the funds belonged to the project. The platform indicated that it will send refunds:

“directly to users’ SpankPay accounts and will be available as soon as we reboot Spank.Live.”

The platform also warned of a 2-3 days’ delay while its developers work to patch the issues that led to the hack and to redeploy a new smart contract. The platform’s developers are also working to resolve outstanding smart contract issues. This activity may limit the use of BOOTY tokens.

The team also reported that the attack arose due to a “reentrancy” bug similar to the one responsible for the DAO hack in 2016. Specifically, the platform stated:

“The attacker created a malicious contract masquerading as an ERC20 token, where the ‘transfer’ function called back into the payment channel contract multiple claim, draining some ETH each time.”

The platform conceded that it refused to pay for a security audit for the payment channel contract because of the cost involved. In its post, the platform reported that

“taking into account both the perception value and opportunity cost of the time spent reacting to the hack, it would have been worth it.”

Finally, the platform concluded its post by pledging that it will improve security practices by “making sure to get multiple internal audits for any smart contract code we publish, as well as at least one professional external audit.”

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide