It was only a matter of time until one of the recent cryptocurrency ICOs would pose a problem. Rumors are circulating about the InsureX ICO being compromised by scammers. Someone hacked the team’s website and slack to host an early token sale and steal around 1,100 ETH in the process.
The InsureX Incident is Quite Problematic
These cryptocurrency ICOs can cause issues for a lot of people. Either they clog up the Ethereum blockchain, or their smart contracts contain some issues which need to be resolved. However, there is also the risk of people getting scammed. Unfortunately for the InsureX team, their particular ICO has been affected by such a hack, which caused people to send around 1,100 ETH to a bogus Ethereum address.
This whole ordeal started when an unknown assailant somehow took control of the InsureX Twitter account. He or she also gained access to the website and the Slack channel. The assailant then went on to “host” a special early token sale combined with some nice -but obviously fake- bonuses. Sadly, a lot of people fell for this golden opportunity and lost a lot of money in the process.
Etherscan shows the address received in excess of 1,100 Ether over the course of a few hours. Half of that money has already been transferred to a different wallet. The rest of the money, around 558 ETH, is still in the “early token sale” account, which is worth $113,784 at the time of writing. This brief, but successful, scam allowed someone to earn nearly $250, 000 worth of Ether, which will be dumped on the market sooner or later.
Many are outraged by this turn of events. It is impossible to explain how someone gained access to the InsureX website and was capable of successfully modifying it in such a manner the early token sale seemed completely legitimate. For a company with “Insure” in the team, they certainly failed when it comes to having a secure website. That does not bode well for the future of this project.
Hacks like these demonstrate why using a basic WordPress template for a company website -especially one with ICO plans- is absolutely unacceptable right now. WordPress in its raw form is not all that great at preventing people from gaining unauthorized access. It is up to the webmaster to ensure security is beefed up. In the case of InsureX, that apparently has not been done well and allowed an assailant to take full control of the platform for a brief period of time.
The people who actually believed in this “early token sale” are not without blame either. InsureX has already held its pre-sale, which concluded over a week ago. Anyone would know if they bothered to do some research. Due diligence is a necessity for any investing. It is highly unlikely a company does two pre-sale with their ICO coming closer. Cryptocurrency ICOs attract a lot of people, but very few ‘investors” adhere to “due diligence” these days.
from The Merkle