In December 2017, hackers managed to hack the popular DEX EtherDelta. Now the two suspects are to be brought to justice. The damage done by the hack is hard to measure. It should have been stolen 308 Ethereum, their value corresponded at the time of the act just over 266,000 US dollars. Together with the large number of ERC-20 tokens, the total amount should be around $ 800,000.
Many users were amazed that a decentralized exchange could become the target of an attack. Finally, the purpose of such an exchange is, inter alia, that users retain full control of their deposits.
In this case, no Wallet was attacked as such, but probably the only central aspect of the DEX.
According to the indictment, the two men are said to have gained control over users’ private keys by gaining access to the site’s DNS. In this way, they were able to redirect users to a similar page.
Once the users connected their wallet with the wrong DEX, they were cleared away and the deposits transferred to other addresses. However, to gain access to the server’s DNS settings, they gained access to an employee’s mobile phone number.
With the number they could then gain control of one of his e-mail addresses, which finally opened the door to the DNS settings. At the same time, the perpetrators use the access to block all other employees from their accounts. They could not be stopped this way.