Hackers pulled a trick off on Monday, and managed to syphon over $7 million USD worth of Ether from the CoinDash ICO. This hack put the spotlight back on ICO markets for what many claim is a lack of reliability, accountability and viability of the projects proposed. In this case, the CoinDash hack highlighted the perils of investing in an ICO that doesn’t invest enough in securing investor’s funds. This is a warning to all ICO investors out there and may serve to strengthen the argument for stronger oversight in the markets.
CoinDash Hack: The Details
Leaving the question of oversight aside – in itself a complex issue – the CoinDash hack seems to be the result of a simple attack. The hackers managed to change the address to which potential ICO investors had to send their funds to receive their tokens. This was a result of a direct attack on the CoinDash official website, which is the kind of weakness any ICO investor would assume is too trivial for any ICO to miss. Nevertheless, the attack shows otherwise.
Response to the CoinDash Hack
CoinDash responded to the hack quickly after the team discovered the vulnerability. They shut the site off and offered compensation for those who paid into the wrong Ethereum address up until the time when the site was still up and running. The consequences of that compensation, may weigh down on the business itself. The CoinDash hack may also influence the future price of the token.
DAO Me Once…
It may also damage the project’s image further and erode investor trust in general. After the CoinDash hack, the project is clearly on the defensive. Any investor could now start wondering if the smart contract itself is vulnerable, just like the DAO’s was about a year ago. There is no proof yet that this is the case, but CoinDash must now focus on allaying those fears or risk further damage to their credibility.
Will the Social Trading Platform be Nimble Enough on Social Media?
As the story continues to develop, it will be interesting to see how the CoinDash team handles credibility and compensation issues. Some investors expressed their anger on Reddit and other social media, going as far as suggesting that the CoinDash hack was an inside job. There is no information to support those claims, but the damage to CoinDash’s image could be significant. The irony is that one of the main aims of the CoinDash project is to encourage ‘social trading’ through greater communication between cryptocurrency traders on a suitable platform. Now users are leveraging other social media platforms to accuse CoinDash of foul-play.
CoinDash Hack: A Stark Warning
But whether those accusations are true or not, investors must learn the lesson here. When investing in an ICO it is safer if the address of the contract is published before the ICO. The CoinDash hack could have been prevented or minimized if investors knew the address they were paying into in advance, but the project decided to release the address together with the ICO.
On the other hand, potential ICO investors should do their due diligence and understand exactly who is behind the ICO they are targeting amongst other things. They should strive to communicate with team members, ask them questions and make sure they get the answers they are expecting before they invest. Investors cannot afford to miss the stark warnings that the CoinDash hack, or for that matter, any other ICO problem since the day of the DAO hack, provide.