The user, “devops199”, triggered the flaw apparently by accident. When they realised what they had done, they attempted to undo the damage by deleting the code which had transferred ownership of the funds. Rather than returning the money, however, that simply locked all the funds in those multisignature wallets permanently, with no way to access them.
“This means that currently no funds can be moved out of the multi-sig wallets,” Parity says in a security advisory.
Effectively, a user accidentally stole hundreds of wallets simultaneously, and then set them on fire in a panic while trying to give them back.
Read more
Comments are closed.