As the crypto economy grows, cryptocurrencies thefts are also on the rise. Last Saturday, hackers targeted the web-based wallet platform BlackWallet.co to steal 669,920 Stellar Lumens, worth over $400,000, from user accounts.
The hackers hijacked the Domain Name Service of the website by gaining access to the owner’s account and then redirecting the traffic to a similar looking site on their own server.
As users of the wallet logged in, they were unknowingly putting their credentials into the fake web server set up by the attackers.
According to security analyst Kevin Beaumont, who analyzed the code: “The DNS hijack of Blackwallet injected code.”
“If you had over 20 Lumens it pushes them to a different wallet,” he added in a Twitter conversation.
The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet. pic.twitter.com/Eiwb8UR1Nn
— Kevin Beaumont (@GossiTheDog) January 14, 2018
FXPRIMUS Celebrates 10-Year Anniversary with a Grand Gala in Kuala LumpurGo to article >>
The attackers have transferred all the funds to the cryptocurrency exchange Bittrex and converted them into other digital coins to cover their tracks.
According to Bleeping Computer, BlackWallet tried to warn users via social media, but it was all in vain.
In a Reddit post, a user with the username “orbit84”, claiming to be the owner of the affected site, writes: “I am the creator of Blackwallet. Blackwallet was compromised today, after someone accessed my hosting provider account. He then changed the dns settings to those of its fraudulent website (which was a copy of blackwallet). I’ve contacted both SDF and Bittrex to ask them to block the bittrex’s account of the hacker. I’ve contacted my hosting provider to disable my account and my websites.”
Apologizing to the users, he continued: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it.”
This is not the first time that this particular wallet was attacked by hackers – reportedly, the site was also hacked in July last year, but details of that attack are not available.
Currently, Stellar Lumens is the 9th largest cryptocurrency in the market with more than $8.9 billion in market cap, according to coinmarketcap.com. Since December, the coin has gained 566 percent and is currently trading at $0.5.
DNS hijacking is becoming a very popular tool for hackers. Just before Christmas, attackers targeted another wallet, EtherDelta, using the same technique. The Classic Ether Wallet and the Etherparty ICO website were also victims of the same kind of attack.
Finance Magnates discussed various aspects of cryptocurrency storage vulnerabilities in a recent interview with cybersecurity expert Alex Heid.