A whitehat group has hacked into a list of multi sig wallets with weak contracts 'collecting' over 140M USD in tokens and Ethereum
A 'Note' left by the group can be found by searching their address on Etherscan. Its reads as follows "The White Hat Group were made aware of a vulnerability in a specific version of a commonly used multisig contract. This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible. Thank you to the greater Ethereum Community that helped finding these vulnerable contracts.
The White Hat account currently holding the rescued funds is https://etherscan.io/address/0x1dba1131000664b884a1ba238464159892252d3a.
If you hold a multisig contract that was drained, please be patient. They will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and will return your funds to you there."
Here is a list of ERC20 Tokens that were hacked into to:
- Basic Attention Coin
- ICONOMI
- CoFound.it
- EOS
- Digix DAO
- Bancor Network
- FirstBlood
- Golem Network
- Melon
- WINGS
- Augur REP
- Civic
- Trustcoin
- iEx.ec Network
- Guppy
- Metal
- Gnosis
- Aragon Network
- Storjtoken
- FUCKtoken
- VIP
- Monaco
- NeverDie
- TenX Pay
- The DAO
- CreditBit
- FunFair
- Status Genesis
- Dice
- BlockCat
- MyEhterWallet Donations
- DAO Casino