On January 26 and 27, Experty, a developer of blockchain based project, users who signed up for notifications for the Experty ICO started receiving emails with a pre-ICO sale announcement of Experty (EXY) tokens.
Users were asked to send money to a Ethereum wallet if they wanted to buy EXY tokens and be part of the ICO.
These emails probably did not look too suspicious because they contained a lot of private user information, such as their ETH address and the correct amount of ETH the recipient pledged to contribute to the ICO.
The actual Experty ICO was scheduled for January 31. Experty made a formal statement on Medium, promising compensation of 100 EXY tokens to anyone who had their ETH address in their database. They explained that “we have determined that during the Proof of Care (PoC) review, one of our reviewers was compromised and hackers gained access to some information about users from PoC. We have eliminated the source of the hack.”
The only known Ethereum wallet address of the perpetrator currently numbers 75 transactions, over USD 150,000 worth of funds. However, a screenshot posted by crypto investor Chris Koerner on Twitter implies that the hacker used more than one Ethereum wallet address with the emails, so there is the possibility that even more money was stolen.
The community is outraged, with some going as far as to imply an inside job: “Yeah this is such an inside job. So horrible. And they took half a day to warn the community !?” argues Reddit user u/kamo287.
In another, more recent statement, Experty announced extra compensation for users who sent money to the scammer's wallet.
The Experty app allows blockchain influencers, advisors, and developers, and companies to monetize their time and knowledge, according to the website of the start-up.