On Friday, ICO platform KickICO acknowledged a security breach during which an unknown attacker (or attackers) stole over 70 million KICK tokens ($7.7 million at the time of the hack) from the platform's wallets.

According to KickICO CEO Anti Danilevski, the hack took place on Thursday, July 26, at 09:04 UTC.

Platform learned of the hack from users

Danilevski says his team learned of the hack from victims who complained to the company. One victim reported that about $800,000 worth of KICK tokens suddenly went missing from his wallet.

The exec says his team immediately started investigating the hack in light of the report. The investigation revealed that the intruder managed to gain access to the private key of the KickICO platform that the developers were using to manage the KICK token (also known as KickCoin) smart contract.

The hacker used this key to alter the smart contract's behavior. This smart contract is how KICK tokens are traded on top of the Ethereum platform.

Danilevski says the hacker destroyed KICK tokens at approximately 40 addresses and created the same amount of tokens at other 40 wallets, which were under his control.

This trick didn't change the number of KICK tokens issued on the network, and hence evaded the platform's security measures put in place to analyze sudden shifts in total cryptocurrency funds available on the market.

KickICO says it will refund all users

"Thanks to the rapid response of our community and our coordinated team work [sic], we were able to regain control over the tokens and prevent further possible losses by replacing the compromised private key with the private key of the cold storage," Danilevski said.

KickICO devs say they've regained access over the KICK smart contract and are urging users who lost funds in the hack to reach out via email at

"KICKICO guarantees to return all tokens to KickCoin holders. We apologize for the inconveniences," Danilevski said.

Related Articles:

Make-A-Wish Website Compromised for Cryptojacking Operation

Dell Systems Hacked to Steal Customer Information

First GDPR Sanction in Germany Fines Flirty Chat Platform EUR 20,000

Infowars Store Affected by Magecart Credit Card Stealing Hack

Linux CryptoMiners Are Now Using Rootkits to Stay Hidden