Consequences of Parity hack

Experts estimate giant volume of losses, a lot of Ethereum-based projects were hacked
21 July 2017   3581
Ethereum

Open-source blockchain-based distributed computing platform featuring smart contract functionality, which facilitates online contractual agreements.

Approx 9.30 am (Pacific Time) on July 19, 2017, a vulnerability was discovered. It could allow the hackers to drain the funds of users whoe used "multi-signature" Parity wallet. Multisig wallets requires multiple private keys for activation. Version of 1.5 or later was affected.

As a result, big amount of different projects were attacked. Among them:

Users were able to locate 3 wallets, where founds were send. 

  • White Hat Group’s Wallet
  • First Alleged Attacker’s Wallet
  • Second Alleged Attacker’s Wallet

White Hat Group also noted that they will return the funds. This info was posted on Reddit.  

The issue was caused by a bug in affected Parity's code. It allowed an affected wallet’s initialization function to be recalled after it was created. This allowed for a hacker to call the code after and claim that they own the account themself. Ethereum community members called that bug "the most obvious bug in the history of ethereum”; other noted that  vulnerability went undiscovered for a half of year. At approximately 1:30 p.m. Pacific Time, Parity founder Gavin Wood committed a fix to the Parity GitHub that he believes should alleviate the vulnerability. Also, there are some interesting comments at GitHub too, for example, "Who is auditing this code that ends up affecting $100 millions worth of currency ? :/" by admazolla.

At the moment of this article written, it is still unclear about  who the malicious attacker is or whether the remaining victims will ever recover their funds. Also, new victims can still appear. According to EtherScan, malicious account send the stolen funds to other wallets. Maybe, hackers hope to obfuscate its activities in this way. 

ETH Foundation to be Sponsor of UNICEF Crypto Fund

The first contributions to the UNICEF Cryptocurrency Fund will come from the Ethereum Foundation; it will be used for kids OS projects
10 October 2019   358

The United Nations Children's Fund (UNICEF) has established a cryptocurrency fund to accept donations in bitcoins and Ethereum.

Digital assets will finance open source technologies for children and youth around the world.

UNICEF became the first organization in the UN that transacts in cryptocurrency, the fund said in a press release.

This is a new and exciting venture for UNICEF. If digital economies and currencies have the potential to shape the lives of coming generations, it is important that we explore the opportunities they offer. That’s why the creation of our Cryptocurrency Fund is a significant and welcome step forward in humanitarian and development work.
 

Henrietta Fore

Executive Director, UNICEF

The first contributions to the UNICEF Cryptocurrency Fund will come from the Ethereum Foundation through the French branch of the children's fund, which previously began to accept donations in nine cryptocurrencies.

Digital assets will be directed to finance three grantees of the UNICEF Innovation Fund. These are startups Prescrypto, Atix Labs and Utopixar, working in the areas of “tracking recipes, selecting investors and those who need financing, as well as public tokens and business relations”. GIGA will also receive funds from the cryptocurrency fund for connecting schools around the world to the Internet.