ICO Fundraising Platform KICKICO Loses $7.7 Million in Smart Contract Breach

27.07.2018

KICKICO, an initial coin offering (ICO) project that helps other ICOs raise funds, was hacked on July 26, with hackers successfully making off with more than 70 million KICK tokens worth about $7.7 million.

The company disclosed the theft of KICK tokens in a July 26 blog post, saying that the security breach “resulted in the attackers gaining access to the account of the KICK smart contract .” KICKICO discovered the breach after several victims “did not find tokens worth 800 thousand dollars in their wallets.”

Hackers were able to obtain the private key of the KickCoin smart contract, thereby gaining direct access to the smart contract of the KICKICO blockchain network. In the period that the hackers accessed the KickCoin smart contract, they were able to destroy 40 wallet addresses and create 40 new addresses under their own control.

New wallet addresses contained identical balances as those addresses that were destroyed, so the overall amount of KICK remained the same. The smart contract breach essentially enabled attackers to steal user funds from 40 different accounts.

The breach was discovered within several hours thanks to the “rapid response” of the KICKICO community and “coordinated team work,” allowing KICKICO “to regain control over the tokens and prevent further possible losses by replacing the compromised private key with the private key of the cold storage.”

KICKICO emphasized that it will fully reimburse the owners of the 40 accounts with KICK and recreate the 40 wallets that were compromised.

The KICKICO smart contract breach resembles a successful hacking attack on Bancor on July 9. In the Bancor attack, hackers managed to take control of a wallet “used to upgrade some smart contracts,” enabling them to steal about 25,000 ETH, worth about $12.5 million, and about 230 million Pundi X tokens (NPXS) worth about $1 million.

Latest news

15.08.2018
Japanese Messaging Giant LINE Launches $10 Million Blockchain Venture Fund LINE, Japan’s largest messaging app, launched “Unblock Ventures,” a $10 million token venture fund focusing on blockchain startups and initial coin offerings (ICOs).
15.08.2018
SEC Hits ICO Scammer with $30,000 Fine and Lifetime Trading Ban The founder of a fraudulent ICO project was issued a $30,000 fine, barred from serving as the director or officer of any publicly traded company, and banned from trading penny stocks for life by the U.S. SEC.
15.08.2018
Venezuela’s Next Step: a Central Bank For Cryptocurrencies The National Constitutional Assembly plans to reform the country’s 1999 Constitution to include a Central Bank for cryptocurrencies.