Cryptocurrency trading app Taylor says all funds have been stolen in cyberattack

The trading app startup's team woke up to find an alleged threat actor had rinsed the Taylor fund pool.

A nightmare for promising startups but a common problem in the cryptocurrency industry is theft -- and the attacker which allegedly targeted Taylor did not hold back.

Taylor is a startup which wants to bridge the connection between cryptocurrency exchanges and mobile technology through the design and launch of a dedicated trading app.

The team has apparently developed the Taylor smart cryptocurrency trading assistant which is touted as "an easy to use app that will help you to make profit every day."

However, the project has been scuppered by an attack which has completely drained the startup of its cryptocurrency store.

The attack apparently took place on Tuesday last week. In a Medium blog post, the Taylor team said that "all of our funds have been stolen. Not only the balance in ETH (2,578.98 ETH) but also the TAY tokens from the Team and Bounty pools."

This equates to approximately $1.5 million.

However, the team claims that some funds were not stolen, and these were held in the Founders' and Advisors' pools and bound by a vesting contract.

According to Taylor, an investigation is taking place but the team says that the threat actor behind this attack may be the same as those connected to a cyberattack reportedly levied against CypheriumChain.

Taylor claims that security measures were in place to prevent such an attack, but these appear to have failed and while "we are all aware of the good practices, we confess that we may have neglected some very important details."

The company says the incident appears to be a "highly advanced and coordinated attack" but has revealed no further details.

The market for TAY tokens has closed on IDEX. The Taylor team claims that after witnessing a stolen fund dump attempt on IDEX, they themselves made the request to delist.

"We will probably not recover the stolen funds, but we have one of the most important assets a company can have: a strong community," Taylor says. "We're doing the best we can to overcome this unfortunate incident and grow even bigger and stronger, so your support is absolutely paramount to Taylor's success.

We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder."

In an open letter sent to the startup's supporters, Taylor said in an update that the firm had only $25,000 left, which has forced the company to rethink its future.

Fabio Seixas, Taylor co-founder and CEO said that a rebrand may be on the cards, as well as an "emergency" token sale to raise funds.

Seixas also suggested a cash injection from angel investors could save the project but warned this could take months.

"The goal for both funding options is to raise only enough to have a small and lean team to work for 12 months, paying for the basic operational and infrastructure costs," the executive added. "This timeframe should be enough to release the app, acquire the first users, start gaining some traction and generating revenue."

Whenever a cryptocurrency or blockchain-related startup or Initial Coin Offering (ICO) claims that a cyberattack has taken place, there is always skepticism as so many end up ghosting with investor funds and conducting exit scams.

Taylor was due to release its mobile app within the coming weeks and now is, instead, asking for participation in an emergency token sale.

As with any startup, project, or new face in the cryptocurrency industry, traders should make sure they perform due diligence before investing.

See also: Critical vulnerability impacts Bitcoin Cash miners

Last week, the Bitcoin Gold (BTG) network suffered a 51 percent attack; a bold technique used by a well-resourced threat actor which resulted in the theft of $17.5 million in BTG coins.

The attack lasted several days. However, it was not due to a vulnerability in the Bitcoin Gold network, but rather, 51 percent attacks are theoretically possible against all blockchain networks -- but it is rarely seen in practice.

Previous and related coverage