The team behind the crypto decentralized exchange EtherDelta, which is powered by a smart contract on the Ethereum blockchain, has just issued a security alert warning all users about a security incident involving its DNS server.
EtherDelta, which allows users to trade ERC-20 tokens, said on Twitter that it is currently investigating this issue, and in the meantime advised its users not to use the current site.
Although it is unclear exactly how much money was stolen, it appears several thousands of dollars worth of cryptocurrency is now in the hands of an unknown assailant. However, EtherDelta’s warning implies that users will be safe so long as they don’t use the site right now, thus any tokens/ether deposited to EtherDelta should be safe whichever wallets they are currently in.
EtherDelta’s web interface allows users to deposit and withdraw assets, and make transactions directly through hosting their Ethereum private key in-browser.
Filling the Gap Between Brokers, LPs, and ClientsGo to article >>
It seems that someone successfully injected malicious code into the exchange. According to an ongoing investigation, the imposter app has no CHAT button on the navigation bar nor the official Twitter feed on the bottom right. It is also populated with a fake order book.
Dear users, we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta https://t.co/NnqU5Er4rj DNS server. We are investigating this issue right now – in the meantime please DONOT use the current site.
— EtherDelta (@etherdelta) December 20, 2017