Yet another ICO named KICKICO is been hacked yesterday, wherein 70 Million KICK worth $7.7 Million being stolen.
The event occurred due to the breach in the smart contract. Indeed the hackers got direct access to KICKICO blockchain network through the private key of its smart contract.
Soon after the incident, a breach report was published on the official Medium account, which states as follows,
“KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets”
As per the official statement, hackers destroyed 40 addresses and created 40 new accounts with identical balances. Fortunately, the fixed supply of KICKICO remained as it is even after the breach since those stolen funds were replicated but not completely destroyed.
Furthermore, the statement elaborated that, the response from the community was quick enough to trigger the replacement of compromised private key with that of the private key from cold storage. This ensured the timely recovery control and prevent further losses.
Also, the statement highlights the fact that all the compromised funds from 40 different accounts will be reimbursed and tokens will be returned back to its respective holders.
It is evident that most of the profitable ICO’s are prone to such attacks and recently we saw largest ICO, Bancor being hacked and lost funds up to $12 Million. Hacks of these kinds give a wrong impression to the upcoming investors and the effect propagates to the whole ecosystem.