Enigma ICO Hacked
According to an announcement made on their official website an hour ago, an “unknown entity” has managed to hack their website, slack account and email newsletter accounts, and uploaded a fake pre-sale page with a fake ETH address to send money with the perpetrators netting nearly than $500,000 in digital coin by spending out spam.
Enigma, which was started by a group of MIT graduates, did not lose any money from the attack. Whoever orchestrated it grabbed money from the Enigma community, people who joined the company’s mailing list or Slack group of over 9,000 users to learn more about its ICO in September.
The hacker posted Slack messages, altered the website and spoofed emails to a community list which were made to look official and urged money to be sent to their crypto wallet.
That’s netted the hacker 1,492 in Ether coin (worth $494,170.68) at the time of writing, according to Etherscan . That’s despite the Enigma team having warned its community that it would not collect money in this way prior to the ICO next month
In response, the company have taken down its website and slack group and updates are currently been posted on telegarm
IMPT: read the following info from Enigma re: recent scam attempt. Join our Telegram to speak with team admins: https://t.co/SSGIsJ2ZWe pic.twitter.com/mM5mcaAzqG
— Enigma Project (@EnigmaMPC) August 21, 2017
Here’s the full statement from Enigma:
1) No investor or company funds were stolen or compromised. All company funds are safely secured via multi-sig wallets comprised of hardware wallets. We believe scammers were soliciting community funds by posing as the Enigma team and posting an ETH address for users to send funds. We have announced on multiple occasions that we will not be collecting any community funds for any reason before our crowd sale on September 11. Our official pre-sale is done with accredited investors only and we require heavy legal due diligence. These funds also will not be collected until September.
2) We have retaken control of all Enigma accounts, but we have deactivated our 9000+ user community Slack for the time being as a security measure. Our official communication channels at this time will be Twitter and Telegram. @EnigmaMPC, t.me/enigmacatalyst, t.me/enigmacatalystann. Users should always wait to see critical communications confirmed across ALL channels.
3) We’ve moved up a number of critical security steps and taken additional measures to protect the community going forward. We’re now very well aware of the potential threats and are taking no chances.
1. Strong, different, random passwords for each account – whether held by an employee or official communication channels for the company
2. 2FA for all such accounts
3. Weekly password rotation, and daily rotation in the week leading to the token sale
4. Proper access control management and compartmentalization
We also intend to do a live stream doing our crowdsale September 11 to ensure the community’s trust in our team and sale. We remain a public-facing team, and we continue to firmly stand behind Enigma’s vision and future.
Lots of investors are still sending Ethereum to the fake address, you should share this story to warn your friends
Join us on Telegram >>> Cryptomartez<<<