Hackers find creative way to steal $7.7 million without being detected
https://arstechnica.com/information-technology/2018/07/hackers-find-creative-way-to-steal-7-7-million-without-being-detected/
Hackers managed to steal $7.7 million dollars' worth of cryptocurrency from the platform known as KICKICO by using a novel technique—destroying existing coins and then creating new ones totaling the same amount and putting them in hacker-controlled addresses, KICKICO officials said.
The technique evaded KICKICO’s security measures because it didn't change the number of KICK tokens issued on the network. Such security measures are generally designed to spot thefts and other malicious actions by detecting sudden shifts in total cryptocurrency funds available on the market. The unknown attackers were able to destroy the existing coins and create new ones by first obtaining the secret cryptographic key controlling the KICKICO smart contract. KICKICO officials didn’t learn of the breach until they received complaints from several users reporting that $800,000 dollars' worth of digital coins were missing from their wallets.