According to a statement from the Enigma team, those involved in the thefts were able to take control of the project’s website domain, one of the administrator accounts on its Slack channel and its mailing lists. Once in control, according to reports on social media, those involved began masquerading as the official team and distributing solicitations for an initial coin offering “presale.”
The team said in a statement earlier this morning:
“At this time, the Enigma team has retaken control of all compromised accounts, including the website. Some pages will remain deactivated for the time being while the team works. Please continue to be vigilant and check our communications across ALL channels. Do not send any money or personal information to anyone.”
The fake solicitations took place via Slack and email. According to a copy of the email obtained by CoinDesk, the scammers cited “enormous support” behind the launch of the “presale”, and included a link to the then-compromised Enigma website.
TechCrunch reported that nearly 1,500 ETH (roughly $500,000 at press time) had been deposited in the fake Enigma address before the team was able to regain control over the affected domain. That address has since been all but emptied, network data shows.
As previously reported by CoinDesk, Enigma aims to create a decentralized hub for information needed by fast-moving cryptocurrency hedge funds (though the plan is to create a broader market for data in the long-term). The team previously indicated that it would launch its initial coin offering (ICO) next month, though it’s unclear whether this security breaches will affect that timeline.
Other ICO supporters have been caught up in security problems in the past. In early July, as much as $7 million was diverted to a false address during the CoinDash ICO, prompting the team to shut down their website amidst the sale.
Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Enigma.
Hacker image via Shutterstock