Crypto-cash investors duped in funding scam
Cyber-thieves are believed to have stolen about $500,000 (£390,000) in the Ethereum crypto-currency, with an investment scam.
The thieves hijacked the website of finance security start-up Enigma and posted messages saying it was about to launch its own currency.
Many people keen to cash in transferred ethereum to the thieves’ account.
In response, Enigma shut down its website and adopted stronger security policies to keep hackers out.
In a statement posted to its Twitter account, Enigma said the thieves had carried out the scam after taking over the company’s web domain, mailing lists and Slack messaging service account.
By posting a message on the Enigma website and sending notices out via Slack and email, the malicious hackers convinced many people the security company was seeking early investors.
The attackers played on the fact that early next month Enigma plans to run a crypto-cash-based fundraising exercise to bankroll its expansion.
The criminal hackers asked for investments to be paid in ethereum and are believed to have amassed about $500,000 worth before the scam was spotted and shut down.
Enigma said none of its infrastructure had been used for the scam and none of its funds had been stolen by the attackers.
It said it had now regained control of its compromised accounts.
It has also adopted stronger security measures internally to prevent hijacks.
Enigma has also stopped using Slack and moved to the secure messaging program Telegram.
“We’ve moved up a number of critical security steps and taken additional measures to protect the community going forward,” Tor Bair, a spokesman for Enigma, told Wired.
“We’re now very well aware of the potential threats and are taking no chances.”
Enigma added it was helping to investigate the scam and who was behind it with the help of other crypto-cash and security companies.