Security Experts:

Connect with us

Hi, what are you looking for?



Hacker Steals $8.4 Million in Ethereum from Veritaseum

An unknown hacker stole around 37,000 VERI tokens from Veritaseum peer-to-peer platform and sold them for around $8.4 million in Ethereum during the company’s ICO (Initial Coin Offering).

An unknown hacker stole around 37,000 VERI tokens from Veritaseum peer-to-peer platform and sold them for around $8.4 million in Ethereum during the company’s ICO (Initial Coin Offering).

Veritaseum’s founder and CEO Reggie Middleton had posted details on the hack on the BitcoinTalk forums, where he also revealed that the compromise came through a company Veritaseum was working with.

“We were hacked, possibly by a group. The hack seemed to be very sophisticated, but there is at least one corporate partner that may have dropped the ball and be liable,” he noted in one post. “A company that we use was compromised, the vulnerability was closed, and we are investigating whether we should move against that company or not,” he mentioned in another.

Apparently, the hacker was able to steal the VERI tokens during the ICO and took advantage of their high demand to sell them immediately. The company had issued 100 million tokens, meaning that the stolen amount, 37,000, represented only around 00.07% of the total. While “the amount stolen was miniscule,” Middleton said, “the dollar amount was quite material.”

“The hacker(s) made away with $8.4M worth of tokens, and dumped all of them within a few hours into a heavy cacophony of demand. This is without the public knowing anything about our last traction,” Middleton revealed.

Veritaseum’s founder pointed out that, because the tokens were stolen from the company, no user was affected. The also noted that the company doesn’t consider it necessary to buy the tokens back and that they won’t fork VERI either, although they had the option to.

What Middleton didn’t reveal was who the corporate partner supposedly involved in the heist was. He did say, however, that the company will “let the lawyers sort that out, if it goes that far.”

The $8.4 million the hacker sold the VERI tokens for ended up in two Ethereum wallets that have been already emptied.

This is the latest in a series of several high-profile hacking incidents involving the crypto-currency, starting with a breach at the Bithumb crypto-currency exchange. Last week, $7 million worth of Ethereum was stolen from CoinDash during the company’s ICO, along with $30 million worth of crypto-currency from multi-sig wallets created with Ethereum Parity clients 1.5.

Related: Hacker Steals $30 Million in Ethereum from Parity Wallets

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.