Smart Contract Breach
Dissimilar to most cryptocurrency, blockchain network, and token hacking attempts, the security breach of KICKICO was unique in that the hackers were able to gain direct access to the smart contract of the KICKICO blockchain network by obtaining the private key of the KickCoin smart contract.
During the period in which the hackers had complete access to the KickCoin smart contract, attackers destroyed 40 addresses and created 40 new accounts with identical balances, essentially stealing user funds from 40 different accounts. Since the stolen funds from the KICKICO blockchain network were not permanently destroyed but replicated, the fixed supply of KICKICO remained the same subsequent to the breach.
“KICKICO has experienced a security breach, which resulted in the attackers gaining access to the account of the KICK smart contract — tokens of the KICKICO platform. The team learned about this incident after the complaints of several victims, who did not find tokens worth 800 thousand dollars in their wallets,” Anti Danilevski, the CEO at KICKICO, said in a notice.
A few hours after the incident, the KICKICO team was able to regain access to its smart contract and replaced the compromised private key with the private key in its cold wallet, to protect the network and remaining user funds.
“But thanks to the rapid response of our community and our coordinated team work, we were able to regain control over the tokens and prevent further possible losses by replacing the compromised private key with the private key of the cold storage,” the KICKICO team added.
The KICKICO team emphasized in its official announcement that to the owners of the 40 accounts, the company will fully reimburse every user with KickCoin, recreating 40 wallets that were compromised.
Developers at KICKICO theorized that an increased number of hackers targeted the KICKICO network after KickCoin experienced exponential growth in the past two weeks, as its price tripled from $0.4 (ICO price) to $0.12…