Hackers stole $8.4 million worth of Veritaseum tokens before dumping all of them just a few hours later.
On 24 July, Veritaseum (VERI) founder and American entrepreneur Reggie Middleton confirmed the security incident in a post submitted to Bitcoin Forum:
“We were hacked, possibly by a group. The hack seemed to be very sophisticated, but there is at least one corporate partner that may have dropped the ball and be liable. We’ll let the lawyers sort that out, if it goes that far….
“The hacker(s) made away with $8.4M worth of tokens, and dumped all of them within a few hours into a heavy cacophony of demand. This is without the public knowing anything about our last traction.”
HackRead reports that the attackers subsequently transferred those stolen tokens to two addresses. From there, they sold the tokens for Ethereum, a cryptocurrency which has seen its fair share of heists in recent weeks, and transferred the total resultant amount to different addresses.
This incident, although uncomfortable for us, shows that the numbers listed are real and the market for VERI is real https://t.co/df79EMulC1
— Veritaseum UltraCoin (@Veritaseuminc) July 24, 2017
Veritaseum is a type of peer-to-peer, contracts-based wallet interface that enables entities with little technical expertise to create smart contracts without a third party (i.e. financial institution). As of this writing, it interacts with the Bitcoin blockchain. Its creators also intend to port Veritaseum to Ethereum.
Following the hack, Middleton and his team had the opportunity to “fork” Veritaseum, or create a divergence in the blockchain that could render all previous transactions invalid. But they chose not to do so given their evaluation of what the attackers stole. As Middleton elaborates on in his Bitcoin Forum post:
“… Veritaseum tokens are software that represent our knowledge, advisory and consulting skills, products and capabilities. Without the Veritaseum team, the tokens are literally wortheless! If someone were to someone confiscate 100% of the available tokens, all we need to do is refuse to stand behind them and recreate the token under a new contract. Again, we aren’t selling currencies, we aren’t selling securities. We are selling capabilities, and ability for those capabiliteis to connect parties P2P for the autonomous transfer of value…. [sic]”
At this time, it’s unclear how bad actors hacked Veritaseum and whether they made off with anything else such as customers’ information. There are some reports of phishing attacks targeting VERI users. With that said, those with Veritaseum wallets should be on the lookout for emails with suspicious links and email attachments.