Cryptocurrency investment management platform CoinDash’s token sale was breached by unknown parties, with the startup’s Ethereum address changed to redirect investor’s funds.
The company released an emergency warning to prospective investors after the breach was discovered.
This is an emergency message delivered to you in order to stop you from sending your money to an unauthorized ETH address.
It seems like our Token Sale page was tampered and the sending address was changed. Please stop from sending your funds to any of the addresses until we say otherwise.
We are currently examining the situation and will shortly send further instructions.
CoinDash subsequently terminated the campaign — which was supposed to continue for 4 weeks — and posted a full statement to their web site:
Dear CoinDash contributors,
It is unfortunate for us to announce that we have suffered a hacking attack during our Token Sale event. During the attack $7 Million were stolen by a currently unknown perpetrator. The CoinDash Token Sale secured $6.4 Million from our early contributors and whitelist participants and we are grateful for your support and contribution.
CoinDash is responsible to all of its contributors and will send CDTs reflective of each contribution. Contributors that sent ETH to the fraudulent Ethereum address, which was maliciously placed on our website, and sent ETH to the CoinDash.io official address will receive their CDT tokens accordingly. Transactions sent to any fraudulent address after our website was shut down will not be compensated.
This was a damaging event to both our contributors and our company but it is surely not the end of our project. We are looking into the security breach and will update you all as soon as possible about the findings.
The CoinDash vision, product and team will continue to live on. We will be fast to recover and we will create the future of trading.
Reminder: We are still under attack. Please do not send any ETH to any address, as the Token Sale has been terminated.
More information will be published on our social channels and our website.
ZeroHedge reports that over $7 million in investments were intercepted before the breach was discovered and the fundraiser shut down.