Hackers have reportedly used stolen contact details to trick investors into sending funds to a fake digital wallet posing as the trading platform's, but some allege poor password security is to blame.
Just weeks before Enigma’s initial coin offering (ICO), the cryptocurrency trading platform claims to have been hacked and prospective customers robbed of about $500,000 worth of Ethereum.
The unknown attackers compromised Enigma’s domain, Slack channel and certain email lists, according to the firm’s website.
The attackers then set up a fake website and sent emails to investors who had expressed interest in Enigma’s pre-sales of crypto tokens ahead of its official ICO on 11 September, tricking some into sending funds in Ethereum, reports The Hacker News.
According to Enigma, it is working “diligently to resolve the issues”, but in the meantime the company is urging investors not to send Ethereum funds to any address purporting to be Enigma’s.
Enigma also said it is working with the bitcoin exchange Bitfinex to freeze accounts to stop the stolen Ethereum from being moved.
The company took to Twitter to warn users and give assurances that it has regained control of all compromised accounts, including the website.
Enigma said it has deactivated Slack and for now the official communication channels will be Telegram and Twitter.
It said no company funds were stolen, and no users’ wallet addresses, passwords and private keys were stolen. The firm also confirmed that its social media accounts, including Twitter, Facebook, Telegram and the firm’s blog, have not been hacked.
However, a Reddit user claims the company was not hacked at all, but that Enigma’s co-founder and CEO, Guy Zyskind, was compromised because of poor password security.
According to the Reddit post, Zyskind’s email address is listed in a 2016 compromise on the HaveIBeenPwned website, but he had failed to change his password since then.
This meant his password was available to the attackers, which the Reddit user points out could have been used to access Enigma’s website, Slack account and Google account to change the destination account for funds and spam investors on the company’s email lists.
So far, there has been no official response by Enigma to the claims that Zyskind’s accounts were compromised. A spokesperson told TechCrunch that “certain team passwords were compromised for the enigma.co landing page and Slack”, but said the website for the Enigma token sale was not affected.
Using its Telegram account, Enigma said it is changing all passwords, introducing two-factor authentication and taking other security precautions, such as “proper access control management”, which security commentators have said should have been in place from the start.
“Give us some time and we will soon announce the next steps that concern the victims of this attack,” the company said.
Cryptocurrencies are an increasingly popular target for cyber criminals, with the Classic Ether Wallet, Coindash, Veritaseum, the Parity wallet and Bittrex all incurring losses recently.