Yesterday, news surfaced about a vulnerability in multisig Parity wallets found and exploited by malicious hackers:Severity: Critical Product affected: Parity Wallet Affected implementations: Parity 1.5 or later Summary: A vulnerability in a version of the multi-sig contract wallet.sol has been reported. Mitigation steps: Any user with funds in a multi-sig wallet created in Parity with the affected implementations should immediately move their funds to a secure address. Source: The official Parity blog
It has been reported that more than 153,000 ETH (appr. $32 million) were stolen from three Edgeless Casino, Swarm City and Aeternity.
A group of white-hat hackers who call themselves the White Hat Group (WHG) detected the vulnerability and began exploiting it in order to protect other wallets that were exposed to it. The group managed to save over 377,00 ETH that is expected to be returned to the respective projects.
In the meantime, Parity patched the vulnerability that allowed for the exploit and did a postmortem on the attack.How does this affect AdEx
One of projects whose funding was preserved by the WHG was AdEx: we kept a part of the Ether we got from our crowdsale in precisely such a wallet. The rescued funds have been transferred to the following secure address:
While there were speculations on the legitimacy of the group at first, Parity reassured the affected multisig wallet owners by tweeting a link to a reddit thread, explaining that the WHG will deploy new multisig smart contracts for each of the wallets, and will then return the rescued funds to their original owners.How do we diversify and protect our funds
At the time of the attack, we had already secured a portion of the funding we received by converting it into fiat currencies. More importantly, we had set a hedging plan for the funds we secured through our token sale:20% of it is to be c...