Parity, an Ethereum Wallet Exploited. $31m allegedly stolen already
A very very bad day for Ethereum.
Severity: Critical
Product affected: Parity Wallet
Affected implementations: Parity 1.5 or later
Summary: A vulnerability in a version of the multi-sig contract wallet.sol has been reported.
Mitigation steps: Any user with funds in a multi-sig wallet created in Parity with the affected implementations should immediately move their funds to a secure address.
Source: https://blog.parity.io/security-alert-high-2/
"Edgeless casino, swarm city, and aeternity have all been drained" --CF Slack
Source: https://twitter.com/coinfund_io/status/887757323036446720
Alleged Heist Address: https://etherscan.io/address/0xb3764761e297d6f121e79c32a65829cd1ddb4d32#internaltx
I guess this is the fix here? https://github.com/paritytech/parity/pull/6103/files
Can anyone explain the technical details of this bug/fix? I'll give a 100% upvote for good answers. ;-)
the significance is $31m
Yes, of course, but I am asking for a technical explanation of the patch I linked to. How was the previous version vulnerable, and how does the patch fix it? (Edited my comment to reflect this)
here's the easy explanation: https://www.reddit.com/r/ethereum/comments/6oalcq/important_wallets_created_with_paritys_multisig/dkg2qxh/
thx for the info
Wow that is not good PR for Ethereum
Wow, that's bad!
Dang, thats a big hit!
Shit... That's a hell of a paycheck!
Disclaimer: I am just a bot trying to be helpful.
Wow, the hits just keep on coming for Ethereum. Not good.
where are your coins really safe?
Resteeming - that's awful news for those with holdings.
This is why you use your own hardware wallets
it's also why wallets clearly need to be improved - and more hardware wallets need to be available - lots of opportunity for whoever cracks that nut!