It has been the year of the initial coin offering in the cryptocurrency market, but with success comes hardship too as the ICOs draw both good and bad attention. Following the $9 million hack of CoinDashβs ICO, we are now seeing the case of Enigma - the company's ICO was hacked yesterday, yielding $500,000 (1500 ether) to the perpetrator.
Enigma is a project started by MIT graduates and the ICO was supposed to be released only in September. But the hacker managed to gain access to the company website, mailing list and group at slack.com, and sent out mails and slack messages to the community saying that Enigma was going to have a pre-sale with a cap of $20 million.
In the mail, he directed clients to send their funds to his Ethereum address. The Enigma team quickly realized that its security had been compromised but by then 200 contributions had already been sent.
The Enigma team took back control of its website and social accounts, shut the website down and took the slack group offline. It has warned users through Twitter that the website was compromised, and not to send any funds anywhere.
It is also interesting to note that the hacker gained access to these accounts through the email account of Enigma CEO Guy Zyskind, which he managed to access. It is also reported that the password of the account was dumped online as part of another compromise, and Guy had not changed his password nor enabled two factor authentication.
Though Enigma has said that it has implemented additional security measures, the two hacks referred to in this article indicate that hackers do not necessarily need to use any kind of complex procedures to succeed. In the future, firms pursuing ICOs need to pay extra attention to their security and do everything in their power to prevent such occurrences.