Christmas Xaurum Hack Report
Order is restored. The hack was unhacked.
Results of our hack analysis can be found here:
https://docs.google.com/spreadsheets/d/1GuSK4DwahHVxJVuZBwno2tnwJ-X6YIDxHCF3Fp7A998/edit?usp=sharingNearly all of the stolen funds have been retreived and the funds on exchanges (Bittrex and C-CEX) are frozen.
Some of the funds were dumped before our actions, and the users will be compensated.
- 18.58 M XAUR stolen (approximate value 1.4 M $).
- The attacker sent 17.58 M XAUR to his addresses at 2:28 CET
on:
0x0eb8fb894a58e67a238d8065e6f8d70690f5a290 999999.5 XAUR
0x3dba2e569559a5f1cc5a21f3106ec46f3640e301 8597998.5 XAUR
0x78134661e27962d6f84e5e2dcdd356acb462b0d1 7499999.5 XAUR
0xa6c20f2f035b402bd2700901e23970df3ce607b7 499999.5 XAUR
verify on
https://etherscan.io/token/xaurum- 499,999.50 XAUR sent to Bittrex at 03:49 CET
- 499,999.50 XAUR sent to C-CEX at 09:56 CET
- Markets closed at 10.30 CET
- The blockchain was stopped at 10.40 CET
https://etherscan.io/tx/0x63ed1f857d1293115f0c4cae3fea401341052e77601e027d480c4d834d879488- Finding a solution 11:00 - 14:00 CET
- Theft analysis 15:00 - 16:00 CET
- Solution testing 14:00 - 17:00 CET
- Waiting on opportune moment 17:00 - 00:30 CET
- 17.58 M XAUR was retreived by Xaurum Team at 00:37 CET
The remainder of the stolen funds are frozen on the attacker's account on exchanges.
We have contacted the authorities and will provide them with our gathered data.
Markets will reopen as soon as we can arrange that the funds on C-CEX will remain frozen.
The balances on the chain have been restored to their legitimate order and users will be able to transact as soon as the markets start.
The attacker tried to extort us on email with the email
tgarfield@bk.ru and via pm on bitcointalk as the user MarkedlySuperior.
We'd like to thank Bittrex, C-CEX, Livecoin on their amazing support on a holiday.
Merry Christmas,
Xaurum Team
