Cyber Incident Victim: CoinDash

Date: Jul 2017

Location: Israel

Summary

During an initial coin offering, a cryptocurrency platform's website was compromised shortly after launch, with an attacker altering the displayed Ethereum wallet address to divert investor funds. The breach resulted in approximately $7 million worth of Ethereum being sent to the fraudulent address before the company detected the intrusion, terminated the ICO, and shut down its site. The organization subsequently committed to issuing tokens to affected investors who contributed prior to the shutdown, compensating them for losses incurred due to the malicious address substitution, while declining restitution for post-shutdown transactions.

Description

On July 17, 2017, CoinDash's Initial Coin Offering (ICO) was compromised within three minutes of its launch when an unidentified hacker breached the company's official website. The attacker altered the displayed Ethereum wallet address, substituting CoinDash's legitimate address with a fraudulent one. This modification occurred during the critical opening phase of the ICO, a fundraising mechanism analogous to an IPO where investors send cryptocurrency to a published address in exchange for tokens. CoinDash detected the intrusion and shut down its website promptly, announcing the breach via Twitter with messages stating "Website has been hacked" and instructing users to cease Ethereum (ETH) transfers. According to company statements, $6 million worth of ETH had been legitimately collected before the wallet address was altered. Blockchain records showed the attacker's address accumulated 43,438 ETH ($7.8 million at the time), with CoinDash attributing approximately $7 million of this total to diverted investor funds intended for their platform.

CoinDash terminated the ICO immediately upon discovering the breach and initiated an investigation, though technical details of the intrusion remained undisclosed. The company committed to issuing CoinDash Tokens (CDTs) to nearly all affected investors, covering contributions sent to both the legitimate address before the hack and the fraudulent address prior to the website shutdown. Transactions directed to the malicious wallet after the site was taken offline were explicitly excluded from compensation. This response aimed to uphold obligations to contributors while containing further losses, as the stolen funds represented capital intended to develop CoinDash's Ether social-trading platform. The incident concluded with the attacker retaining the stolen cryptocurrency, while CoinDash focused on damage control through token distribution and internal forensic analysis.
