Roll, a social token platform, confirmed a security breach on Monday after hackers stole and liquidated a large number of cryptocurrency tokens. The attackers stole nearly $5.7 million worth of cryptocurrency.
According to an official announcement by Roll, the private keys of the company’s hot wallets were compromised on March 14 and as a result, the hackers stole different social cryptocurrency coins from the platform. Roll added that attackers sold social tokens on Uniswap for Ethereum (ETH).
The attacked social tokens include WHALE, RARE and PICA. The prices of the social tokens crashed as much as 90% following the news. The total market cap of social cryptocurrency coins dropped significantly within a single day.
“There was a security incident with Roll’s hot wallet. As a result, the attacker was able to steal all the tokens from this wallet and sell them on Uniswap for ETH. As of this writing, it seems like a compromise of the private keys of our hot wallet and not a bug in the Roll smart contracts or any token contracts. We are investigating this with our infrastructure provider and law enforcement,” Roll mentioned in the official announcement.
Following the attack, Roll mentioned that the company has introduced a $500,000 cryptocurrency fund to support the attack victims. However, the refund announcement by Roll received criticism from the users as they are expecting a refund of 100%. The company disabled all withdrawals from the Roll wallet and announced a third-party audit of the security incident.
“It is hard to put into words how devastating this is, and we are really sorry about what happened. We will do a third-party audit of our security infrastructure over the coming days to ensure this never happens again. We will also run a forensic analysis to figure out how the key was compromised,” the company added.
The social cryptocurrency coin, WHALE has recovered since the attack but RARE and PICA are still down heavily in the market.