See -
https://medium.freecodecamp.org/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum-9e5dc29e33ce
A long read. Someone has stolen $31M of Ether.
Interesting quote near the end of the article:
In blockchain, code is intrinsically unrevertible. Once you
deploy a bad smart contract, anyone is free to attack it as long
and hard as they can, and there’s no way to take it back if they
get to it first. Unless you build intelligent security mechanisms
into your contracts, if there’s a bug or successful attack,
there’s no way to shut off your servers and fix the mistake.
Being on Ethereum by definition means everyone owns your server.
A common saying in cybersecurity is “attack is always easier than
defense.” Blockchain sharply multiplies this imbalance. It’s far
easier to attack because you have access to the code of every
contract, know how much money is in it, and can take as long as
you want to try to attack it. And once your attack is successful,
you can potentially steal all of the money in the contract.
Imagine that you were deploying software for vending machines.
But instead of a bug allowing you to simply steal candy from one
machine, the bug allowed you to simultaneously steal candy from
every machine in the world that employed this software. Yeah,
that’s how blockchain works.
But can a digital wallets/crypto currency ever be secure ?
Nick
