• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

Ethereum Parity Bug Destroys Over $250 Million In Tokens

November 9, 2017

Views: 3,822

If you are into cryptocurrency or blockchain at all, you will have heard about the Ethereum Parity Bug that has basically thrown $280 Million value or more of Ethereum tokens in the bin.

Ethereum Parity Bug Destroys Over $250 Million In Tokens

It’s a bit of a mess really, and a mistake by the developers who introduced it after fixing another bug back in July to do with multisig wallets (wallets which multiple people have to agree to transactions).

You can see the thread on Github here: anyone can kill your contract #6995

There’s a lot of hair-pulling among Ethereum alt-coin hoarders today – after a programming blunder in Parity’s wallet software let one person bin $280m of the digital currency belonging to scores of strangers, probably permanently.

Parity, which was set up by Ethereum core developer Gavin Woods, admitted today that a user calling themselves devops199 had “accidentally” triggered a bug in its multi-signature wallets that hold Ethereum coins. As a result, wallets created after July 20 are now locked down and inaccessible, quite possibly permanently, thus nuking $90m of Woods’ own savings.

Multi-signature wallets mean more than one person has to sign off on a transaction before funds are moved, and are popular with companies and investment groups looking to protect their assets. Unfortunately, Parity’s technology is seriously flawed: in July a hacker managed to exploit errors in the multi-signature code to steal about $30m in Ethereum.

In response to that cockup, rity updated its wallet software to address the vulnerability, and rolled out a new version. However, that update contained another disastrous bug, one that would lock people out of their wallets. It was set off by devops199 on Monday, affecting anyone who had installed the new code since its release.

So far it seems this Ethereum Parity Bug has affected 573 wallets, which is quite a lot – shown on the tool to check if you were affected:

Parity MultiSig Freeze Tool

This includes the loss of $90 Million or so owned by the Parity wallet owner and Etherum core developer Gavin Woods.

“That code still contained another issue – it was possible to turn the Parity Wallet library contract into a regular multi-sig wallet and become an owner of it by calling the initWallet function,” Parity’s advisory stated.

“It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library.”

In a series of posts on GitHub, devops199 said they were a newbie to the crypto-currency system, and had created a multi-signature wallet in a way the software did not expect. When devops199 tried to delete the buggy money pouch, it bafflingly locked down all multi-signature Parity wallets created after the last software update.

A full list of 70-odd affected wallets has been uploaded to Pastebin.

Parity has confirmed the above sequence of events leading to this week’s catastrophe with The Register. So far there’s no response on whether it will be possible to unlock the wallets, or if there are any plans to recover punters’ digital dosh. We’ll post more information when it becomes available.

That’s a lot of money that just went in the bin and I’d guess a whole bunch of angry people just went from being millionaires to nothing. I hope those with a lot of coins, who suffered a loss, didn’t invest a lot of their own real World money to get them.

That would be really painful.

It’s also interesting to note that following this the value of Ethereum has actually gone up, maybe because there’s less in circulation now? Or just more people found out about it.

There’s also no real way to fix Ethereum Parity Bug unless Ethereum forks back to before the tokens got wiped out by the bug, which seems pretty unlikely. Also Vitalik has been pretty quiet about the whole thing only tweeting this.

The last crypto thing that most people didn’t know about was that most Bitcoin vendors are actually compromising the supposed Anonymity of using Cryptocurrencies.

Source: The Register

Share
Tweet54
Share42
Buffer12
WhatsApp
Email
108 Shares

Filed Under: Hacking News Tagged With: cryptocurrency, ethereum



Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

Views: 419

With more businesses running Linux in production—whether in bare metal, VMs, or containers—the need … ...More about Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)

SUDO_KILLER - Auditing Sudo Configurations for Privilege Escalation Paths

SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Views: 469

sudo is a powerful utility in Unix-like systems that allows permitted users to execute commands with … ...More about SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 386

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 588

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Upload_Bypass - Bypass Upload Restrictions During Penetration Testing

Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Views: 556

Upload_Bypass is a command-line tool that automates discovering and exploiting weak file upload … ...More about Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Shell3r - Powerful Shellcode Obfuscator for Offensive Security

Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Views: 726

If antivirus and EDR vendors are getting smarter, so are the tools that red teamers and penetration … ...More about Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (228)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (74)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,294,322)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,085)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,622)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,681)
  • Password List Download Best Word List – Most Common Passwords (933,487)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,146)
  • Hack Tools/Exploits (673,293)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,157)

Search

Recent Posts

  • Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked) May 14, 2025
  • SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths May 12, 2025
  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025
  • Upload_Bypass – Bypass Upload Restrictions During Penetration Testing May 5, 2025
  • Shell3r – Powerful Shellcode Obfuscator for Offensive Security May 2, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy