Hacker News new | past | comments | ask | show | jobs | submit login

Yeah this makes no sense whatsoever.

> [The hacker] took control of the specific ETH cold wallet and transferred all the ETH in the cold wallet to this unidentified address.

Did the hacker physically break into their office or what?




Possibly yes

Or some part of their system failed and the key was compromised without them realising it (like the Debian insecure keys debacle or whatever)


The wallet is a smart contract (specifically a gnosis safe), the malicious message they signed transferred ownership of that smart contract wallet to the attacker so they could then do whatever they want with it.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: