According to a recent announcement on the medium post, the SpankChain company revealed about its hack,thatsupposedlyhappenedback on 6th Oct., was detected by SpankChaina day after, and wasproclaimedtodayin a verypost entitled [We Got Spanked: Whatwe knowtill now].
Anonymous attackers managed to stealaround 165.38 Ethereum [ETH], which were equivalent to $38,000 USD from the platform’s payment channelsmartcontract.In addition,this securitybreach caused the immobilization of $4,000USD worthof the SpankChain’s internal tokennamed ‘Booty’.
While most of lost or immobilized funds belong to SpankChain itself, the platform claimed thatconsumer reimbursementsare the immediate priority.The firmwouldshortly repay $9,300 USDpriceof Ethereum andBootycoins directly to theusers’ SpankPay accounts via ETH airdrop.
The SpankChain team hasconsiderablyhalted its camservice Spank.Live in orderto forestallusers from depositing via the payment channelssmartcontract.The web rebootis expectedto take placearound2to 3 daysso asto reset the payment channels smart contract,carryreimbursements, reset native token distribution, and eliminatethe security breach.
The attack wasassociated witha ‘reentrancy bug’just likethe onethatexploited TheDecentralizedAutonomous Organization [DAO]. The hacker reportedly created a malicious contract mimickinganERC20 token, with a transferfunction callingback tothe payment channelsmartcontract multiple timesin a veryloop, extracting Ethereumon every occasion.
A smart contractmay be aprotocolthat allowsthe precisebehavior of a contract by applying the terms of the agreement into the code, eliminatingthe necessityfora 3rdpartyin-between.
While smart contractsarereportedly extremelytroublesometo hack,they’restill a young technology,and maybevulnerable tobugs,which maysuccessivelybe exploited by scammers.
The adultindustryisprogressivelytaking advantage of cryptocurrencies and blockchain technology,largelydriven by the technology’s inherentobscurity,along with a varietyofotheradvantages.