 |
| Photo by Antoni Shkraba |
Over 13 Million ALGO Now Suspected Stolen Between 19-21th of February
Yesterday AlgoDaddy posted an article about over 3.5 million ALGO being confirmed stolen from several different Algorand community members.
Today we can report that over 13 million ALGOs are suspected to have been stolen between the 19th to 21st of February, and over 12 accounts have been affected. It's unclear if the ALGO was stolen through an exploit or executed using phishing techniques.
Update: This article was updated on Wednesday evening with a response from the foundation's CTO, John Woods. We've also added information about the stolen funds provided by a ChangeNOW representative. Both can be found further down the article.
Developer Collective Suspect 13.3 Million ALGO Being Stolen
Algorand-focused developer collective D13.co contacted AlgoDaddy during the afternoon. They had found several large suspicious transactions similar to those previously reported hacked, this became apparent after having dug deeper into the Algorand transactions of ineligible governors between the 19th and 21st of February.
Bit, the founder of D13 collective, commented on the matter: "It's a weird middle ground where it's too many [affected accounts] to be a coincidence and too few to be mass exploitation" he added that "something curious seems to have happened to those accounts".
Most of the stolen ALGO has been transferred to the non-custodial crypto exchange known as ChangeNOW, which operates without extending KYC (personal identification) to all its users. Still, it should be noted that the ChangeNOW team has implemented several AML mechanisms designed to detect fraud and filter suspicious transactions.
 |
| D13.co XLM of affected accounts and transactions |
CryptoNOW Says Funds Are Safe
AlgoDaddy was in contact with a representative from ChangeNOW, who said that their risk-prevention system had halted suspicious transactions in ALGO and USDC on the Algorand blockchain worth $1.5 million, stopping the malicious actors from accessing the stolen funds any further.
ChangeNOW expressed its willingness to cooperate with the authorities and the victims of the theft and they are ready to provide any assistance necessary to help bring the perpetrators to justice.
Recommended Read:
FBI Has Been Informed, CTO Comments On The Issue
AlgoDaddy has been in contact with several of the affected users, one of which reported having put pressure on Algorand Inc., as well as the foundation, to get a response to the situation. The same user said that he had reported the stolen ALGO to the U.S. Federal Investigation Bureau, hoping that they would look into the matter.
After the initial silence the foundation's chief technical officer, John Woods, commented on Twitter and reassured users that the theft was not due to any technical problems with the Algorand protocol itself.
Woods also said that they're working with affected users on an individual basis to help them investigate what happened.
Folks - I agree that there are too many of these hacks to be a coincidence, but it's not a problem with the protocol. We're working to help on an individual basis, looks like a targeted attack to me. Be extra careful with your Operational Sec, double check before you approve txns. https://t.co/TTLdacdgai
— John Woods (@JohnAlanWoods) February 22, 2023
It's still unclear how this crypto heist exactly happened. At the moment the amount of stolen ALGO totals to over 13.3 million, i.e. almost 3.6 million USD.
