ICO and crowdfunding-oriented platform KICKICO announced on Thursday evening it had experienced a security breach earlier the same day that allowed hackers to get access to the account and the KICK tokens, which are powered by a smart contract on the Ethereum blockchain. In total, the attackers managed to steal 70 million KICK tokens, worth about $7.7 million at current prices.
The company says it learned about the problem when several users complained they couldn’t find their tokens, which were worth $800,000 in total.
As of Friday, the team says it got the control over the situation and the smart contract has been fully restored. It claims it will return all stolen KICK tokens to their owners, who are invited to connect via email report@kickico.com in order to get them back.
According to the company’s explanations, hackers could somehow get access to the private key of the KickCoin smart contract owner. To keep their activities hidden, they applied methods used by the KickCoin smart contract in integration with the Bancor network, one of KICKICO’s partners. Thus, the attackers could wipe out tokens at about 40 addresses and generate a corresponding amount of tokens at the other 40 addresses, so that the total amount of tokens in the system stayed unchanged.
However, the community quickly spotted the problem and helped the team address the issue. KICKICO reacted fast and prevented further losses by replacing the compromised private key with another one of the cold storage.
KICKICO is a blockchain-oriented startup that provides a platform for initial coin offerings (ICOs) and other fundraising activities, similar to Kickstarter. It has recently held an ICO, raising over 84,000 ETH.
After the incident, the KICK token, listed on the 136th position on Coinmarketcap, has lost 1.87% in the last 24 hours. However, the move may be influenced by the bearish mood of the entire crypto market after the SEC rejected a Bitcoin ETF proposed by the Winklevoss twins.
This article appeared first on Cryptovest