{"id":2517,"date":"2021-03-18T16:38:46","date_gmt":"2021-03-18T16:38:46","guid":{"rendered":"https:\/\/www.trustrecipe.in\/?p=2517"},"modified":"2023-12-18T06:36:41","modified_gmt":"2023-12-18T06:36:41","slug":"social-tokens-crash-after-a-reported-security-breach-at-roll","status":"publish","type":"post","link":"https:\/\/immunebytes.com\/blog\/social-tokens-crash-after-a-reported-security-breach-at-roll\/","title":{"rendered":"Social tokens crash after a reported security breach at Roll"},"content":{"rendered":"\n<p><strong><em>Roll Wallet suffered a major security breach on the morning of 14th March, costing users millions of dollars. The hacker was able to sell off various personal tokens built using&nbsp;Roll\u00e2\u20ac\u2122s<\/em><\/strong>&nbsp;<strong><em>service.<\/em><\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>The Roll Network<\/strong><\/h3>\n\n\n\n<p><strong>Roll&nbsp;<\/strong>mints branded digital tokens, unique to a user\u00e2\u20ac\u2122s presence, allowing one to own, control and coordinate the value they create cross-platforms.<\/p>\n\n\n\n<p>Ethereum wallets capable of making transactions from the <a href=\"https:\/\/www.trustrecipe.in\/ethereum-virtual-machine-in-blockchain\/\" title=\"\">Ethereum blockchain<\/a> and within the Roll Network are also provided, one of which got hacked. A simple link-based system is operated to make sending and receiving social tokens as simple as sending a text.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>The Hack<\/strong><\/h3>\n\n\n\n<p>In the official&nbsp;<strong>report<\/strong>,&nbsp;the team at Roll mentioned that the hackers were able to steal all the tokens from the wallet and sell them on Uniswap for ETH. At the time of writing, it seems like the <a href=\"https:\/\/www.trustrecipe.in\/compromised-private-keys-threats-and-remedies\/\" title=\"\">private keys were compromised<\/a>, instead of a bug in the Roll smart contracts or any <a href=\"https:\/\/immunebytes.com\/blog\/token-smart-contract-audit\/\" title=\"\">token contracts<\/a>.<\/p>\n\n\n\n<p>Social tokens, namely\u00e2\u20ac\u201d&nbsp;WHALE, RARE, and&nbsp;<strong>PICA<\/strong>&nbsp;tanked more than 50% during the early hours, reported the data provider&nbsp;<strong>CoinGecko<\/strong>. Meanwhile, the RLY token of competing social money platform&nbsp;<strong>Rally&nbsp;<\/strong>spiked to all-time highs.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.trustrecipe.in\/wp-content\/uploads\/2021\/03\/pasted-image-0-14.png\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<p><strong><em>\u00e2\u20ac\u0153Earlier today, the private keys to our hot wallet were compromised. We\u00e2\u20ac\u2122re investigating this with our infrastructure provider, security engineers, and law enforcement. Additionally, we\u00e2\u20ac\u2122re putting together a $500,000 fund for creators affected by this\u00e2\u20ac\u009d,<\/em><\/strong>&nbsp;tweeted&nbsp;the network, confirming the attack.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/www.trustrecipe.in\/wp-content\/uploads\/2021\/03\/pasted-image-0-15.png\" alt=\"\"\/><figcaption><em>Source:&nbsp;https:\/\/twitter.com\/tryrollhq\/status\/1371179318496354304<\/em><\/figcaption><\/figure><\/div>\n\n\n\n<p>Security incident detail can be accessed here shared by the team:&nbsp;https:\/\/tryroll.com\/security-incident\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Highlights<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li>Roll, a hot wallet for crypto got hacked.<\/li><li>Total value lost ~ $5.7M<\/li><li>The network\u00e2\u20ac\u2122s private keys were compromised<\/li><li>A fund of $50k is put together for refunding the losses<\/li><\/ul>\n\n\n\n<p><em>For now, we know that it wasn\u00e2\u20ac\u2122t a bug that led to this hack but you never know. We hope such incidents are effectively reduced but until then it\u00e2\u20ac\u2122s on you to stay safe and choose wisely. Connect with the team at ImmuneBytes for all your&nbsp;<a href=\"https:\/\/immunebytes.com\/blog\/solidity-smart-contract-audit\/\" target=\"_blank\" rel=\"noopener noreferrer\" title=\"\"><strong>solidity contract security.<\/strong><\/a><\/em><\/p>\n\n\n\n<p class=\"has-medium-font-size\"><strong>About ImmuneBytes<\/strong><\/p>\n\n\n\n<p>We are a team of&nbsp;<strong>India-based security professionals<\/strong>&nbsp;who are skilled in their niche. Although a start-up, you\u00e2\u20ac\u2122ll never have to compromise with anything from us. We strive to push forward and provide overall surveillance and quality service to our customers. Get in touch with us to get a <a href=\"https:\/\/immunebytes.com\/blog\/smart-contract-audit\/\" title=\"\">security audit for your smart contract<\/a>.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Roll Wallet suffered a major security breach on the morning of 14th March, costing users millions of dollars. The hacker&hellip;<\/p>\n","protected":false},"author":2,"featured_media":10818,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[6,679],"tags":[],"class_list":["post-2517","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-hacks-exploits","category-web3-security"],"_links":{"self":[{"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/posts\/2517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/comments?post=2517"}],"version-history":[{"count":14,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/posts\/2517\/revisions"}],"predecessor-version":[{"id":10819,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/posts\/2517\/revisions\/10819"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/media\/10818"}],"wp:attachment":[{"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/media?parent=2517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/categories?post=2517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/immunebytes.com\/blog\/wp-json\/wp\/v2\/tags?post=2517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}