‘We Got Spanked’: Adult Entertainment ICO Suffers $38,000 Hack

SpankChain ICO Hack

“We got spanked.”

That’s the message that SpankChain, the initial coin offering (ICO) funded adult entertainment website, used to inform its users that a hacker had exploited a bug in one of its smart contracts to abscond with 165.38 ETH, worth about $38,000 at the time of the theft. Another $4,000 worth of the platform’s ICO token, BOOTY, was immobilized as a result of the breach, bringing the total economic impact of the hack to about $42,000.

The hack occurred at roughly 6 pm PST on Saturday, though the company did not discover the theft until the following evening, at which point it took the website offline to prevent further breaches.

“Unfortunately, as we were in the middle of investigating other smart contract bugs, we didn’t realize the hack had taken place until 7:00pm PST Sunday, at which point we took Spank.Live offline to prevent any additional funds from being deposited into the payment channels smart contract,” the announcement read.

Coinbase 2

According to SpankChain, the hacker exploited a “reentrancy” bug, similar to the one used in the infamous DAO hack.

“In short, the attack capitalized on a ‘reentrancy’ bug, much like the one exploited in The DAO. The attacker created a malicious contract masquerading as an ERC20 token, where the ‘transfer’ function called back into the payment channel contract multiple times, draining some ETH each time.”

SpankChain ICO

The company admitted that it had failed to pay for a security audit of its payment channel smart contract, which could have cost as much as $50,000 — well above the amount of funds affected by the hack. Nevertheless, SpankChain said that it realizes now that it should have paid for the audit, expensive though it may have been.

“As we move forward and grow, we will be stepping up our security practices, and making sure to get multiple internal audits for any smart contract code we publish, as well as at least one professional external audit,” the company said.

Most of the affected funds belonged to SpankChain. However, about $9,300 worth of the stolen and immobilized funds belonged to users. Consequently, the company, which raised $7.2 million through its ICO in late 2017, said that it would airdrop $9,300 in ETH to affected users’ SpankPay accounts following the website’s reboot within the next several days.

As CCN reported, SpankChain is just the latest in a long line of Ethereum projects that have lost money when hackers exploited bugs in their smart contracts.

In July, decentralized exchange (DEX) Bancor lost $23 million in ETH and other ethereum tokens when a hacker compromised a wallet used to upgrade some of the platform’s smart contracts. That same month, KICKICO lost 70 million KICK worth $7.7 million when a hacker managed to gain control of the project’s smart contract.

Previously, a smart contract governing multi-signature ethereum wallets suffered multiple security breaches, resulting in a $32 million theft and $150 million in permanently-frozen funds. Such hacks have led Litecoin creator Charlie Lee to suggest that Solidity, the native programming language of Ethereum smart contracts, is a “hacker paradise.”

However, the problem is not isolated to Ethereum. In September, several decentralized applications (dApps) running on the EOS network were exploited as the result of smart contract bugs as well. At least two gambling dApps were affected, losing a collective $260,000 when hackers discovered a way to place bets without having to stake any real tokens, allowing them to gamble consequence-free.

Images from Shutterstock

Follow us on Telegram or subscribe to our newsletter here.

• Join CCN’s crypto community for $9.99 per month, click here.
• Want exclusive analysis and crypto insights from Hacked.com? Click here.
• Open Positions at CCN: Full Time and Part Time Journalists Wanted.

Advertisement

‘We Got Spanked’: Adult Entertainment ICO Suffers $38,000 Hack 1
blank
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

blank

E-Crypto News Executive Interviews


blank

bitcoin
Bitcoin (BTC) $ 39,075.00
ethereum
Ethereum (ETH) $ 2,621.52
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 329.83
cardano
Cardano (ADA) $ 1.36
xrp
XRP (XRP) $ 0.719950
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.198784
polkadot
Polkadot (DOT) $ 18.45
binance-usd
Binance USD (BUSD) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 39,075.00
ethereumEthereum (ETH)
$ 2,621.52
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 539.32
litecoinLitecoin (LTC)
$ 141.44
bitcoinBitcoin (BTC)
32.884,50
ethereumEthereum (ETH)
2.206,20
tetherTether (USDT)
0,841574
bitcoin-cashBitcoin Cash (BCH)
453,88
litecoinLitecoin (LTC)
119,03
bitcoinBitcoin (BTC)
28,124.43
ethereumEthereum (ETH)
1,886.85
tetherTether (USDT)
0.719755
bitcoin-cashBitcoin Cash (BCH)
388.18
litecoinLitecoin (LTC)
101.80

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

blank
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
blank
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021
blank
What Is Plethori Platform And How Does It Work?
June 12, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin39,194 0.47 % 2.33 % 0.30 %
Ethereum2,643.5 1.30 % 5.12 % 15.31 %
Tether1.000 0.04 % 0.14 % 0.29 %
Binance Coin331.13 0.63 % 2.82 % 5.63 %
Cardano1.360 0.12 % 1.63 % 7.19 %
XRP0.7246 0.58 % 1.25 % 12.81 %
USD Coin1.000 0.15 % 0.17 % 0.13 %
Dogecoin0.2000 0.41 % 1.43 % 2.24 %
Polkadot18.60 0.73 % 6.72 % 29.86 %
Binance USD1.000 0.30 % 0.35 % 0.32 %

bitcoin
Bitcoin (BTC) $ 39,058.00
ethereum
Ethereum (ETH) $ 2,688.37
tether
Tether (USDT) $ 0.998879
binance-coin
Binance Coin (BNB) $ 331.44
cardano
Cardano (ADA) $ 1.37
xrp
XRP (XRP) $ 0.721735
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.198932
polkadot
Polkadot (DOT) $ 19.01
uniswap
Uniswap (UNI) $ 23.35