An unknown hacker has returned over 20,000 more ETH worth over $17m to CoinDash just months after the firm was hacked last year. In July 2017, CoinDash lost millions of dollars worth of Ethereum just three minutes after the cryptocurrency portfolio management platform launched its initial coin offering (ICO) by swapping the firm's wallet address for their own.
At the time, the losses were estimated at $7m. Following the hack, CoinDash promised investors, who sent money to the hackers' fraudulent wallet address, their funds back in CoinDash tokens.
"This was a damaging event to both our contributors and our company but it is surely not the end of our project," CoinDash said at the time, noting that it was looking into the security breach.
Now, CoinDash has revealed that another 20,000 ETH (currently $17.5m, £12.5m) has been returned to the company on Friday (23 February). The unexpected transaction also happened to come just days before the Israel-based company's formal product launch on Tuesday.
The company said its product launch is still on schedule and noted "this incident will not jeopardize the company's plan and commitment to our community".
"Similar to the hack itself, the hacker's actions will not prevent us from the realizing our vision, CoinDash product launch will take place next week as originally intended", CoinDash CEO Alon Muroch said in a statement.
It is still unclear what made the hacker return the stolen funds in two transactions so far. Besides, the returned Ethereum is worth much more than the stolen funds at the time they were swiped last year.
The bizarre incident has triggered quite a few theories so far. While some people claimed the heist was an inside job, others called it a PR stunt to attract media attention in the lead-up to its official product launch. However, there is currently no evidence to suggest any dubious or illegal activity on CoinFash's part.
Others speculated the hacker probably failed to transfer the stolen Ethereum immediately after the hack and was later unable to do so after their wallet address named was blacklisted and tracked under the name "Fake_Coindash".
CoinDash said it has notified the Counter Cyber Terrorist Unit in Israel and is monitoring the hacker's Ethereum address for any other suspicious activity.
In recent months, cybercriminals have been increasingly targeting cryptocurrency-related firms and exchanges, particularly during ICOs, as the hype and value of digital currencies continues to soar. Most recently, Italian cryptocurrency exchange BitGrail was hacked and lost about $195m worth of customers' cryptocurrency.
"It is difficult to forecast how many more similar incidents will happen in 2018, but undoubtedly a lot," Ilia Kolochenko, CEO of security company High-Tech Bridge, told IBTimes UK. "Some people still naively believe that crypto-currencies are their chance for a wealthy life, and they blindly spend their last savings on unstable digital coins via opaque online platforms.
"Obviously, it's a windfall for unscrupulous 'entrepreneurs' who won't shun the low-hanging fruit."