The value of the Ethereum digital currency is plummeting following a hack on The DAO’s Ethereum holdings. The DAO is a decentralized and virtual organization that was established to fund new projects, it has chosen the Ethereum as digital currency for its operations. The DAO is the single largest holder of Ether (15% of the total amount of Ether), it was in possession of more than 9.2 million of Ther prior to the hack, the hackers stolen 3.6m of Ether.
According to the experts, the attackers have exploited a known vulnerability, a circumstance confirmed by Vitalik Buterin, the founder of Ethereum.
“An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO. The attack is a recursive calling vulnerability, where an attacker called the ‘split’ function, and then calls the split function recursively inside of the split, thereby collecting ether many times over in a single transaction.” Buterin announced in a Pastebin post.
The consequences of the incident highlight the volatility of current cryptocurrencies, the news of the hack caused a massive sale of holdings by the holders of the cryptocurrency.
In a few hours, the value of the Ethereum digital currency dropped from $21.16 to $14.66.
Where are the stolen Ether?
The analysis of the transactions from the Etherchain shows that leaked ether is in a child DAO, this implies that the attacker will not be able to withdraw any ether at least for another ~27 days.
“The leaked ether is in a child DAO at https://etherchain.org/account/0x304a554a310c7e546dfe434669c62820b7d83490; even if no action is taken, the attacker will not be able to withdraw any ether at least for another ~27 days (the creation window for the child DAO). This is an issue that affects the DAO specifically; Ethereum itself is perfectly safe.” wrote Buterin.
In response to the hack, the Ethereum community has proposed a ‘soft fork’ in order to block any transaction that moves the Ether out of the child DAO account after the 27-day period, then a ‘hard fork’ “will allow holders to recover their money.
The idea is not accepted by everyone, many believe that the hardfork could cause the disruption of the Ethereum currency.
It’s absurd that is a decentralized system someone will take action like a centralized authority to solve this issue.
“Not everyone is happy about the idea, however. When the currency’s website fell over as a result of the traffic, discussion moved to Reddit where one poster reiterated what many had been saying: “A hardfork is a very bad idea. Let the DAO burn but save Ethereum.” reported El Reg.
“Others have pointed out the irony of The DAO – which doesn’t have a leader or even a list of members – relying on a centralized authority to save itself.”
The conflict threatens to bring down the credibility of the entire currency.
While a was writing, the alleged attacker published a note on PasteBin, claiming that the money drained from the system is now legally his.
“I have carefully examined the code of The DAO and decided to participate after finding the feature where splitting is rewarded with additional ether,” the note reads. “I… have rightfully claimed 3,641,694 ether, and would like to thank the DAO for this reward,” the note reads. “I am disappointed by those who are characterizing the use of this intentional feature as ‘theft.’”
The author of the note threatens legal action against any who attempt to reclaim the money through technical means.
(Security Affairs – Ethereum, Hack)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.