Some of the hacking incidents which occur in the cryptocurrency space go unpunished for quite some time. That is not the case where EtherDelta is concerned. The popular Ethereum-based trading platform was breached in 2017, and it now sees the two individuals responsible for doing so have officially been indicted. A prominent development for the industry, as these heinous crimes should result in some form of justice for the victims.
The EtherDelta Hacking Incident
When the EtherDelta trading platform was hacked in 2017, there were a lot of questions which remained unanswered for some time. No one knew exactly who was behind it how they even orchestrated this attack. Based on recent court filings, the full picture has become a lot clearer. The service was subjected to a DNS attack which allowed two criminals to cause a lot of havoc for users who rely on that trading platform.
As has become somewhat of a trend in the cryptocurrency world, criminals often tend to obtain personal information of users or even service operators. In this case, they were the details of EtherDelta CEO Zachary Coburn. By actively hijacking his SIM and mobile phone number, the hackers could successfully pull off their DNS attack. The mobile phone number and relevant information to hijack the number were seemingly purchased on the darknet.
Who are the Perpetrators?
Sources have confirmed the two individuals responsible for this DNS attack have been identified. They go by the names of Elliot Gunton and Anthony Tyler Mashatka. They are charged with purposefully changing EtherDelta’s DNS records to forward users to a fake website and steal their login credentials. The DNS switch occurred after gaining control over Coburn’s mobile phone number, which would serve as two-factor authentication verification.
It is believed Gunton and Mashatka stole nearly $270,000 worth of Ethereum at the time of the hack. Several other ERC20 tokens were taken from user wallets as well, bringing the final tally to well over $1m. One of the affected EtherDelta users lost $800,000 in a combination of Ethereum and multiple tokens. Whether or not any of this money will ever be returned to its rightful owners, remains unclear at this time.
A Valuable Security Lesson
Although no one will deny the potential of EtherDelta in terms of trading service, it is also not the most secure option to use. That is not because of the platform itself, but rather due to its centralized nature. As users still rely on login credentials and third-party wallet addresses with private keys, it is only evident some sort of theft will occur sooner rather than later. There is no way for centralized solutions to remain hack-free, as they will always be under attack from criminals looking for quick personal gain.
Decentralized solutions, which allow users to buy and sell assets directly from their self-controlled wallets, are a vastly superior option. Unfortunately, the decentralized exchange market is still in its infancy. While numerous ventures exist already, they do not get the same traction as centralized bastions such as Coinbase and Binance. One can only hope that the situation will change in the near future, as user security should always come first. In this industry, that means users have to take control of everything and anything.