The company said in a notice [graphic below] on the proprietary freeware instant messaging and VoIP application and digital distribution platform Discord that its cold wallet had been compromised and two large withdrawals made.
Allegedly an inside job but reported as a hack so that’s what I’m sticking with for now..— Alon Gal (Under the Breach) (@UnderTheBreach) October 26, 2020
A cold wallet is one that has never been connected to the Internet. Alon Gal, chief technology officer of cyber crime intelligence company Hudson Rock, posted the notice on Twitter.
EtherCrash provided the addresses to which the transfers were made and said it had changed its sweeping address.
The company said it was open to ideas "on how we can make things right".
Asked whether there had been other thefts from EtherCrash, Gal told iTWire that he had been referring to other hacks at other companies in his tweet which read: "Another hack of around $2,500,000 happened today on EtherCrash."
He said he was referring to the attack at decentralised finance player Harvest Finance (see tweet below) which lost about US$24 million last week.
Another day another crypto hack.— Alon Gal (Under the Breach) (@UnderTheBreach) October 26, 2020
$25,000,000 stolen from DeFi project “Harvest Finance” through a contract exploit.
Hacker gave back $2,500,000 and the project’s developers are offering $100,000 to track the thief, claiming he is likely a well known persona in the crypto world. pic.twitter.com/uwB4R6qfwU