Hackers Breach Smart Contract on Ethereum-Based Adult Entertainment Platform SpankChain

Published at:
Ethereum
Tokens
Hackers
Payments
Smart Contracts
Security
Bitcoin Scams

Ethereum-based adult entertainment platform SpankChain has suffered a smart contract security breach that led to loss of around $38,000, the firm reported on its Medium page Oct. 9.

The hack, which purportedly took place Oct. 6, was detected by SpankChain a day after, and was announced today in a post entitled “We Got Spanked: What We Know So Far.”

Anonymous attackers managed to steal 165.38 Ethereum (ETH) or around $38,000 from the platform’s payment channel smart contract. Additionally, the security breach caused the immobilization of $4,000 worth of the SpankChain’s internal token called BOOTY.

While most of lost or immobilized funds belong to SpankChain itself, the platform claimed that client reimbursements are of “immediate priority.” The company will shortly repay $9,300 worth of Ethereum and Booty coins directly to users’ SpankPay accounts via Ethereum airdrop.

The SpankChain team has subsequently halted its camservice Spank.Live in order to prevent users from depositing via the payment channel smart contract. The website reboot is expected to take around two to three days in order to reset the payment channel smart contract, carry out airdrop reimbursements, reset native token distribution, and eliminate the security weakness.

The attack was related to a “reentrancy” bug similar to that which exploited The Decentralized Autonomous Organization (The DAO). The hacker reportedly created a malicious contract mimicking an ERC20 token, with a “transfer” function calling back into the payment channel smart contract multiple times in a loop, extracting Ethereum each time.

A smart contract is a protocol that enables the specific behavior of a contract by applying the terms of the agreement into the code, eliminating the need for a third party intermediary.

While smart contracts are reportedly “extremely difficult to hack,” they are still a young technology, and can be prone to bugs, which may in turn be exploited by scammers.The adult entertainment industry is increasingly taking advantage of cryptocurrencies and blockchain technology, mostly driven by the technology’s inherent anonymity, as well as a number of other benefits.

Related Posts
Smart contract standards: Making DeFi transactions on Ethereum more secure   Nov. 21, 2020
Synthetix Reverses Oracle Error-Caused Misplaced sETH in Exchange for a Bug Bounty   June 25, 2019
Recently Hacked Adult Entertainment Platform SpankChain Returns Stolen BOOTY, Ethereum   Oct. 12, 2018
Are crypto and blockchain safe for kids, or should greater measures be put in place?   Feb. 26, 2022
What are the most bullish cryptocurrencies to buy right now? | Find out now on The Market Report   May 3, 2022