Excerpt: EtherDelta is quickly becoming one of the go-to solutions when it comes to exchanging ERC20 tokens. In fact, there is no token that can’t theoretically be traded on this platform. Unfortunately, the protocol was targeted by hackers a few days ago, in the form of a malicious code injection. Thousands of dollars worth of cryptocurrency was stolen in the process. This attack vector has been fixed already, which is a good sign.
No one will be surprised to learn EtherDelta has become one of the more popular ERC20 trading platforms in the world today. Most major exchanges hardly list any ERC20 tokens these days, although the more prominent ones can be found eventually if one has enough patience. For those users who can’t be bothered to wait, however, there is EtherDelta. It is a convenient solution which provides quite a few liquid markets these days.
What makes EtherDelta so appealing is how the entire “exchange” is one smart contract. This is a good example of how powerful such smart contracts can be and how they can be used for many different purposes. This clever use of smart contract technology removes the need for centralized servers. In fact, this is a true decentralized application, of which we can only hope to see more moving forward. That doesn’t mean EtherDelta is completely safe from hacks, however.
It seems someone successfully injected malicious code into the EtherDelta “project”. More specifically, an unknown assailant started distributing a link to an unlisted EtherDelta token to cryptocurrency enthusiasts all over the world. Somehow, this link also made its way to the official EtherDelta chat room, which made it appear all the more legitimate. In reality, the URL linked to a malicious smart contract deployed by the attacker. The contract is a JavaScript code which, when executed, gives the assailant full access to data on the user’s session on EtherDelta.
No one will be surprised to learn EtherDelta has become one of the more popular ERC20 trading platforms in the world today. Most major exchanges hardly list any ERC20 tokens these days, although the more prominent ones can be found eventually if one has enough patience. For those users who can’t be bothered to wait, however, there is EtherDelta. It is a convenient solution which provides quite a few liquid markets these days.
What makes EtherDelta so appealing is how the entire “exchange” is one smart contract. This is a good example of how powerful such smart contracts can be and how they can be used for many different purposes. This clever use of smart contract technology removes the need for centralized servers. In fact, this is a true decentralized application, of which we can only hope to see more moving forward. That doesn’t mean EtherDelta is completely safe from hacks, however.
It seems someone successfully injected malicious code into the EtherDelta “project”. More specifically, an unknown assailant started distributing a link to an unlisted EtherDelta token to cryptocurrency enthusiasts all over the world. Somehow, this link also made its way to the official EtherDelta chat room, which made it appear all the more legitimate. In reality, the URL linked to a malicious smart contract deployed by the attacker. The contract is a JavaScript code which, when executed, gives the assailant full access to data on the user’s session on EtherDelta.
Source: https://themerkle.com/hacker-uses-malicious-smart-contract-to-trick-etherdelta-users/
@thoughtchain , thanks for writing this reasearch about Etherdelta . I want to buy MTH Monetha before it goes to major exchanges and thought about EtherDelta, but never used it, so that is holding me. What is your opinion on it? Thanks for sharing. Just upvoted. @gold84