- The actor who played Greedo is just as confused by ‘maclunkey’ as you are Friday 4:57 PM
- AirPods are getting that sweet, sweet Black Friday price drop Friday 4:24 PM
- Looking for a Nintendo Switch? Black Friday deals are here Friday 4:04 PM
- Facebook copies Instagram with experimental ‘Popular Photos’ feature Friday 3:58 PM
- This iPhone app says it will alert you if you’ve been hacked Friday 2:43 PM
- ‘Marvel’s Hero Project’ is the wholesome content 2019 needs Friday 2:40 PM
- Get more out of VSCO with VSCO search Friday 2:09 PM
- Twitter carves out ‘cause-based’ advocacy exemption in political ads ban Friday 2:06 PM
- Disney+ accounts are being hacked—here’s how to protect yourself Friday 1:52 PM
- Instagram is hiding likes globally and searching for a ‘well-being’ product researcher Friday 1:42 PM
- ‘The Mandalorian’ opens up its mythology even further in ‘Chapter 2’ Friday 12:54 PM
- Want to buy a drone on a budget? We’ve got you covered Friday 12:51 PM
- ‘Simpsons’ writer accuses Republicans of stealing Sideshow Bob’s defense Friday 12:49 PM
- Keanu Reeves’ appearance in ‘SpongeBob Movie’ trailer quickly becomes a meme Friday 12:35 PM
- Charli XCX makes the band in Netflix’s ‘Nasty Cherry’ Friday 12:33 PM
Meanwhile, the price of Bitcoin surged 70 percent this week and over 200 percent on the year, making it one of the currency’s best years ever.
Introduced in July 2015, the Ethereum protocol and its crytocurrency, Ether, blew past $1 billion in May 2016, a rapid rate of growth that the inspired co-founder of Coinbase, Fred Ehrsam, to say Ethereum could “blow past Bitcoin entirely.”
“A new virtual gold rush is underway,” Nathaniel Popper wrote in the New York Times. Corporate giants called it Bitcoin 2.0.
Now, in the midst of this massive and so far successful heist against one of Ethereum’s most popular applications, the currency’s future course is in question. Previous criticisms from Bitcoin advocates over Ethereum’s security problems and lack of testing are looking increasingly prescient.
The price of the currency fell significantly until Ethereum co-founder Vitalik Buterin asked currency exchanges, where people can buy and sell Ethers, to immediately pause transactions.
The target of the attack is the Decentralized Autonomous Organization (DAO), a platform built on top of Ethereum meant to innovate over Bitcoin’s much-talked about blockchain, the open ledger of cryptocurrency transactions at the core of many of Bitcoin’s innovations.
The Ethereum code and network itself has not been hacked.
The DAO, which was worth well over $100 million prior to this attack, is essentially open-source code meant to transparently hold money and create binding financial agreements independent of human oversight. Media called the application nearly unhackable.
The DAO, rather than Ethereum itself, is exactly what’s being attacked and stolen from right now by unknown hackers.
Griff Green, spokesman for Slock.it, the creators of the Dao, stated on the DAO Slack channel, according to Crypto Coin News:
“The DAO is being attacked,” Green said toward the beginning of the attack. “It has been going on for 3-4 hours, it is draining ETH at a rapid rate. This is not a drill.”
Observers can watch the hack in progress from one key perspective: The attacker’s Ether wallet is open for all to see as funds are siphoned in. Money is still piling up. However, at the time of publication, nothing has been cashed out.
The exploit used to hack the DAO was publicly disclosed a week ago.
“Your smart contract is probably vulnerable to being emptied if you keep track of any sort of user balances and were not very, very careful,” cryptocurrency expert Peter Vessenes wrote on his website.
“An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO,” George Hallam of the Ethereum Foundation explained on Reddit. “The attack is a recursive calling vulnerability, where an attacker called the ‘split’ function, and then calls the split function recursively inside of the split, thereby collecting ether many times over in a single transaction.”
Significant tension exists now about how to address the heist, especially because it is the DAO and not Ethereum itself that’s been hit. A lively debate has sprung forth about the options of “rolling back” the currency or altering the code in what’s being dubbed a “too big to fail political fork” of the software.
The immediate and obvious comparison is to the enormous heist that hit Bitcoin’s Mt. Gox exchange in 2013, earning the hackers bitcoins worth $450 million then and $640 million today.
That heist, which remains murky to this day, was a heavy black eye for Bitcoin, but one that it ultimately survived.
Bitcoiners: Remember how Gox and April 2013 felt. Now is the time to be supportive and gracious. Growing pains are part of growing.
— Andreas (@aantonop) June 17, 2016
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.