The move occurred after hackers exploited a smart contract bug on the protocol, according to an official release on Oct.9.
Live streaming service offline on locating the theft, and have since closed their camsite to prevent the transactions of stolen funds into the payment channel's smart contract.
For the uninitiated, SpankChain's is a multi-token protocol which utilizes SPANK tokens for staking purposes and creating smart contracts.
Live with a new smart contract to prevent a repeat, and fix bugs discovered during the BOOTY upgrade.
As part of the smart contract's inbuilt security, 4,000 BOOTY tokens were "Immobilized" when the theft took place.
Attackers created a smart contract disguised as an ERC20 token, where the "Transfer" function allowed "Paid" funds to be sent into the payment channel contract multiple times.
The malicious contract opened up a payment channel and allowed hackers to enter and exit the contract without the presence of a counter-party.
By transferring tokens to the smart contract and back, hackers were able to gain ETH equivalent to their initial SPANK balance.
They are making it mandatory for multiple "Internal" audits for all smart contract codes published on the SpankChain protocol, and "At least" one external audit.
For those interested, SpankChain has made public the hacker's payment channel contract, attacker's address, internal attacker's address, malicious contract address.
SpankChain Smart Contract Compromised, Hackers Take $38,000 in Ethereum
Published on Oct 11, 2018
by Cryptoslate | Published on Coinage
Coinage
Mentioned in this article
Recent News
View All
Mark Zuckerberg Considers Blockchain for Data Authorization and Logins
Mark Zuckerberg, CEO and founder of Facebook, expressed interest in utilizing blockchain technology for the authorization of data, such as logins and account validation, in an interview with Harvard Law professor Jonathan Zittrain on Feb. 20th. In the interview, Zuckerberg iterated his January promise where he said he would look into blockchain and cryptocurrencies for its power to decentralize the internet.
Sequoia India Leads $3 Million Round for Token Startup Tackling 'Fake News'
Venture capital firm Sequoia India has led a $3 million seed round for blockchain startup Band Protocol, which incentivizes reliable content producers with token rewards and staking.
LA Kings Now Let Fans Verify Merchandise Using a Blockchain App
A U.S. ice hockey team has launched a blockchain-based app allowing fans to ensure their merchandise and memorabilia are the real deal.
QuadrigaCX Has Sent All Its Bitcoin and Ether to 'Big Four' Auditor EY
QuadrigaCX's online wallets for bitcoin and ethereum have nearly been emptied and the funds sent to the failed cryptocurrency exchange's court-appointed monitor, Ernst & Young.