This Monday, hackers have stolen at least 3000 ETH ($5.7 million) after breaching the security of Roll, a blockchain ecosystem for the issuance of social tokens and NFTs (non-fungible tokens).
Around 3:30 EST, Roll reported suffering a security breach on its platform. Accordingly, a hacker managed to compromised Roll’s private keys to its hot wallet. The attacker drained all the tokens from the wallet and later sold them on Uniswaps for ETH.
“Today we messed up”
The platform stated “there is no further action at this stage”, adding that withdrawals of all social tokens are suspended. Users will not be able to withdraw until developers relocate the hot wallet.
Likewise, third-party auditors will help the platform reinforce its security, and developers will also run a forensic analysis to figure out how the attacker stole the key.
Many community creators said they lost most of their funds due to the attack. Roll will try to compensate the most affected users with a $500,000 fund to help affected users. But some creators are expecting a full refund:
500,000$ fund? I’m a creator and our community just lost EVERYTHING. The $PICA just went to 0… I lost like months of salary. As smaller creative communities we just expect more than this. Hoping for a full refund. Confidence there will be seriously damaged either way
Nearly -100% dumps in price
The attack caused a harsh collateral effect on social tokens, leading several coins to massive price dumps. Some tokens even plunged by nearly 100%. The most affected were PICA (-99.6%), WHALE (-99.3%), and RARE (-87.5).
But according to Barthazian.eth, the hacker even managed to mint social tokens before executing his attack, draining ETH in several pools.
The founder of WHALE, one popular social token, confirmed the attack via Twitter. At least 2.17% of WHALE was compromised, but most assets remain secured in cold storage
Despite the large price dump, WHALE managed to surge within a few hours thanks to community support. The token surged from 3$ to nearly 30$. After WHALE managed to get back on its feet, the founder said they are exploring new and better security measures to avoid such attacks in the future:
“We will be reviewing through all our security measures and protocols moving forward and more importantly, holding our partners to those very same standards. While nobody saw this coming, this could have been avoided. We can and will do better.“
According to MyCrypto, the attacker is currently sending hundreds of ETH using Tornado Cash, a tool that provides transaction privacy by breaking the on-chain link between the source and destination addresses. Hackers frequently use this tool to cover their transaction data.
The post Hackers steal 3000 ETH from Roll, causing massive price dumps of nearly -100% appeared first on CryptoSlate.
Source: Hackers steal 3000 ETH from Roll, causing massive price dumps of nearly -100%