EtherDelta HACKED! How to manually recover your Ether and ERC20 tokens.

in etherdelta •  7 years ago  (edited)

Murphy's Law: If something could go wrong it will.

This is exactly what happened to me last night. About 4 hours before EtherDelta got hacked, I transferred 1.6 Ether to the exchange contract. The hacker rerouted their DNS server to their own copy of the EtherDelta website. So, if you were trading on that exchange 11 hours ago, your internal wallet would likely to have been compromised.

EtherDelta_DNS_Server_Hacked_21Dec2017.png

The site is down, and I suspect it will stay down for some time until they figure something out. If you try to go to https://etherdelta.com and your browser has MetaMask installed (in-browser Ethereum wallet), it will stop you from accessing this URL.

In the meantime, if you're wondering HOW THE HECK am I gonna get my tokens and Ether back, don't despair!

Your funds are still probably locked in the EtherDelta contract and you can recover them using MyEtherWallet.

For convenience, I have the MetaMask Chrome/Brave browser plug-in, but you can interact with the EtherDelta contract as long as you own your private key and can log onto your wallet through MyEtherWallet (https://www.myetherwallet.com/).

etherdelta_myetherwallet_contracts.png

Click on the Contracts tab and select the EtherDelta contract from the list (0x8d12A197cB00D4747a1fe03395095ce2A5CC6819)

Set Gas Price to 20 Gwei (or as suggested on https://ethgasstation.info/ - gas price safe low)

Interacting with the EtherDelta smart contract:

  1. Check the balance of your Ether and/or tokens

Select the balance function from the list.

etherdelta_contract_balanceOf.png

Enter just your Ethereum address (the one you connected with / from MetaMask) for your Ether balance and hit Read.

To find the balance of ERC20 tokens, you need to enter those tokens' contract addresses one by one and get their balance. You can find these addresses here: https://etherscan.io/token-search

  1. Withdraw your Ether

Select the withdraw function from the drop-down below Read / Write Contract.

etherdelta_contract_withdraw.png

Copy the amount of Ether you got from reading the balance, in my case 1.6 Ether looks like this (uint256): 160000000000000000 (don't put commas)

Put this value in the field to withdraw, and hit Write. MyEtherWallet will pop up a transaction warning asking you how much Ether to send with the transaction and the max gas cost. Set the Ether value to 0 and the gas price should be calculated by MyEtherWallet (based on your gas cost). A reasonable number is 37900 (don't put commas).

etherdelta_contract_withdraw_transactionWarning_censored.png

Hit "Yes I'm Sure" and this will create a transaction window in MetaMask. The window that pops up should look something like this (ignore the warning message and gas limit in units, there was a glitch and it miscalculated the gas limit). Max fee in Ether should be more like 0.001620 (actual transaction cost for this type of transaction will end up being around 0.000458 Ether).

etherdelta_contract_withdraw_transaction_MetaMask_censored.png

Note: All the costs for these withdrawals come out of your current wallet, and not what's deposited in the EtherDelta contract!

After each successful transaction, MyEtherWallet will give you a link on etherscan.io to check on it's progress.

etherdelta_contract_withdraw_transaction_censored.png

  1. Withdraw your tokens.

Select withdrawToken from the contract's function list. This time set the Token Address to the appropriate ERC20 contract (find them here https://etherscan.io/token-search) and hit Write. Follow the same steps as above. Example with EOS tokens:

etherdelta_contract_withdrawToken_EOS.png

.

Well, that's it guys. I really hope you got all your coins back!

Please upvote if you liked this post.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

you can seek help from them https://venomthreads.com if you have issues like this. thank me later.