Hackers have managed to pull off another attack on the lucrative ICO market – this time Experty ICO was the target. Days ahead of launch of the ICO event, hackers have scammed $150,000 worth of Ethereum from the ICO’s potential investors.
Hackers targeted one of the people who carried out Experty’s proof-of-care review to get user information, which included the registered potential investors’ full names, email addresses, and ETH-addresses. Then they sent the investors fraudulent pre-ICO messages. These poorly drafted messages requested that the investors purchase Experty tokens (EXY) using Ethereum within the next 12 hours in order to receive bonus EXY tokens.
These phishing messages contained wallet addresses belonging to the hackers. Multiple addresses were used.
Many investors, in the hope of receiving bonus tokens, fell for the scam – in the last few days, 74 transactions were registered to the addresses provided, the total value of all the transactions being $150,000.
The team behind Experty addressed this scam and assured the victims that they will compensate them with EXY tokens, and that they will also provide bonuses.
In a post published in Medium, Experty wrote: “We are greatly saddened by the recent email scam that has targeted our community due to the recent data breach. We will be contacting the victims that are in our database in order to distribute the proportional amount of EXY tokens to them, including the bonuses for their tier, from our company allocation. If someone wishes to receive ETH instead, we ask them to please contact us privately about this.”
To stop scammers from taking advantage of the situation, the announcement added: “Any ETH sent to the scammer after this announcement [January 28, 2018 at 21:30 UTC] will not be refunded in order to prevent people purposely sending money to the scam address to receive EXY tokens.”
Bitcoin Suisse is responsible for handling the Experty ICO event, and it also issued an official statement warning investors not to send funds to the compromised addresses.
Bitcoin Suisse wrote: “We are taking precautions and increasing security to ensure that this does not happen again.”
Enormous capital flows and poor security measures have attracted the attention of many hackers and scammers. According to a recent study, ICO-funded projects are enduring around 100 cyber attacks per month. Another study by Ernst and Young found that around 400 million dollars have been lost or stolen as a result.
The ICO market is so vulnerable that with the recent rumors regarding the Telegram ICO, a number of fake sites were set up to lure early investors into purchasing malicious coins. Finally, the company’s CEO officially announced that no website for fundraising has been opened yet.
Fraudsters have even faked entire ICOs – as with the Benebit multi-million dollar scam, for example.