An unknown hacker has taken over the official website of the CoinDash platform and modified an Ethereum wallet address during the company's ICO (Initial Coin Offering).
The hack took place today, just three minutes after CoinDash launched its ICO, which is something similar to an IPO.
Many startups today use ICOs to raise funds in the form of cryptocurrency. An ICO happens at predetermined dates when companies publish a cryptocurrency address on their websites, and people start sending funds. After the ICO, the company issues tokens in return, which are the equivalent of real-world stocks.
According to a statement published on its website, CoinDash says the hacker took over its website three minutes after the ICO launched and replaced the official Ethereum wallet address with his own.
When the company discovered the hack, it shut down its website and announced users about the incident and the end of the ICO.
Website has been hacked.— CoinDash.io (@coindashio) July 17, 2017
The Token Sale is done, do not send any ETH to any address. Official statement regarding the hack will be released soon.— CoinDash.io (@coindashio) July 17, 2017
The company says it received around $6 million worth of Ethereum in the first three minutes, before the hack. The hacker's Ethereum wallet shows a balance of 43,438 Ethereum, which is around $7.8 million. CoinDash estimates that around $7 million of these funds came from its users.
The company was hoping to use the ICO money to fund its Ether social-trading platform. In an official statement, CoinDash has agreed to issue tokens to almost all the persons who sent money to the hacker's wallet.
CoinDash is responsible to all of its contributors and will send CDTs [CoinDash Tokens] reflective of each contribution. Contributors that sent ETH to the fraudulent Ethereum address, which was maliciously placed on our website, and sent ETH to the CoinDash.io official address will receive their CDT tokens accordingly. Transactions sent to any fraudulent address after our website was shut down will not be compensated.
CoinDash is asking investors who sent money to the hacker to fill out this form.
There are no other details available about the incident or how the hacker breached CoinDash's systems. The company is still investigating the incident.
Image credit: CoinDash