The community supporting OpalCoin, an anonymous cryptocurrency offering decentralized storage, was recently under siege of a fake-wallet attack. A hacker stole almost 17% of the coin supply, most of which has been recovered.  

The Opal team announced the hack on the Bitcoin Talk forums on December 15th. The hacker spread a fake-wallet virus through the forums.

The Opal team had recently posted a legitimate link on the BitcoinTalk forums to the download to their latest client. Diabanhxeo, the hacker’s profile name (ID# 210031), quoted the link on a post, but changed the link to a malicious one that downloaded a fake RAR file. Opal’s client, however, is compressed with ZIP. 

The hacker has also performed a fake-wallet attack on Maiacoin, whose team identified the fake link and proceeded — like the Opal team — to delete posts that contained it.

The virus inside the fake wallet installs keyloggers that steal passwords and search for any cryptocurrency wallet.dat files, sending them to a remote server. The hacker allegedly stole 2.5 million OpalCoin.

A heated debate within the community followed, including a vote on whether to perform a rollback on the blockchain

A rollback would require major coin holders to perform a special kind of update, which would undo all transactions up to an agreed upon point in time. The process would not only undo the illegitimate transactions made by the hacker, but it would also undo many legitimate transactions, which would have caused those who purchased Opal immediately after the hack to lose their coins. The Opal team originally planned to compensate them in Bitcoin. Then negotiations with the hacker changed their course of action, and they cancelled the rollback.

Before negotiations with the hacker had begun, the community held a vote on whether or not to perform a rollback. The poll returned figures of 73 votes in support and 43 against.

Whit Jack, also known as Bassguitarman on the Bitcoin talk forums and in IRC channels, is a lead developer of OpalCoin. He reached out for an interview.

CointTelegraph: What is the current state of affairs in regards to the fake-wallet attack?

Whit Jack: The rollback is canceled. We recovered 65% of the coins from the hacker. ... He gave back 65% in exchange for no rollback and guarantees they will be sold at a fair rate.  [In other words, he will] not crash the market.

CT: The fake-wallet download included a virus. What is your current knowledge about what it can do?

WJ: It keylogs, scans for wallet files and sends them to a remote server.

CT: The user Voidlord posted a guide to remove the virus. Does Opal approve of this guide, or how should infected users proceed?

WJ: We have no stance currently. We have an expert examining the malware. But that guide is a very good start. Our stance that we've published publically is: Come on IRC  [#OpalCoin channel] and we'll tell you what to do.

CT: Whether or not to coordinate a rollback is certainly a hard choice. What are the best arguments against a rollback?

WJ: Centralization. We'd be giving ourselves too much power, and it sets a bad precedent. We can't roll back every time a user is hacked.

CT: Have you had any doubts about avoiding the rollback?

WJ: Of course. A hacker is still in control of some coins, but because the blockchain is not at risk anymore, I don't think we can justify.

CT: In the future, how can this kind of attack be prevented?

WJ: We're going to only distribute wallets through the site, no links ever posted on forums, and we'll remind everyone of that whenever we release a wallet.

Trading of Opal on exchanges has been paused for the time being, but it is expected to resume soon.


Did you enjoy this article? You may also be interested in reading these ones: