A Hacker Just Stole $5.7 Million from Social Token Startup Roll
upstart writes in with an IRC submission for c0lo:
A Hacker Just Stole $5.7 Million From Social Token Startup Roll:
Over the weekend, hackers stole millions of dollars in crypto from Roll, a social currency startup that allows so-called "creatives" to launch and manage their own Ethereum blockchain-based money systems.
According to the company, someone managed to get inside its "hot wallet" early Sunday morning, making off with the equivalent of $5.7 million in currencies. (A "hot wallet" is basically an online crypto-bank account.) The hacker then sold the tokens on Uniswap, a crypto exchange platform. Roll said the hack seems to have occurred via a compromise of one of the wallet's "private keys," which is the equivalent of someone learning your master password.
"As of this writing, [the cause appears to be] a compromise of the private keys of our hot wallet and not a bug in the Roll smart contracts or any token contracts," the company said in a statement Sunday. "We are investigating this with our infrastructure provider and law enforcement." The company further promised to do a third-party security audit and a forensic analysis to "figure out how the key was compromised," as it's currently unclear how the hacker got their hands on it.
Read more of this story at SoylentNews.