Some 12 hours ago, a hacker sent back 10,000 Ethereum from his FAKE_Coindash account. This large transaction follows a smaller one of 488 Ethereum a week ago. The transaction was made to one of the public Coindash addresses, namely:
"We have notified the Counter Cyber Terrorist Unit in Israel, investigation efforts will increase,"
- explained the Coindash team on their official blog. A formal update on the situation is still expected.
Before that, the transaction record showed the fake account had gathered small sums from a lot of users, as the Coindash ICO in July was compromised and part of the backers sent their Ethereum to the fake address.
The estimation was that around 43,500 Ethereum were diverted during the ICO campaign, as the hacker faked the account. And since July 17th, the end of the ICO, the address lay dormant until now.
Coindash said it would further investigate the case and monitor the hacker's account.
Reddit discussions right after the hack held speculations that the ICO theft might be intentional. Others believe the attack was a mix of an email scam and redirection to a cloned site. This is not unusual for ICOs, as others have reported diverted funds.
Since blockchain transactions cannot be refunded, or addresses blocked or blacklisted, hacking attacks on an ICO are an outright loss for investors. ICOs that suffered from a cloned site or a faked address include KickICO, Veritaseum and Enigma.