BlackWallet hacked: Hackers replace DNS server, steal $400k in Stellar

Haythem Elmir
0 1
Read Time1 Minute, 49 Second

As the price of Bitcoin and other cryptocurrencies is surging, the cybercriminal community is exploring the opportunity to steal user funds as every now and then there are incidents involving hackers targeting unsuspecting investors by hacking an exchange and a wallet.

The latest victim of a hack attack against cryptocurrencies is the web-based BlackWallet used in storing Stellar Lumens (XLM). Reportedly, hackers successfully targeted BlackWallet this weekend (January 13th) and stole $444,000 in XLM.

How Hackers Hacked BlackWallet

The incident has been confirmed by the admin and creator of Blackwallet and an official statement has also been posted on Reddit according to which hackers compromised the hosting account of BlackWallet’s website (BlackWallet.co) then hijacked its DNS (Domain Name Servers) and redirected to a fake website that looked exactly like Blackwallet’s.

Following the change, the moment an unsuspected user signed in on the fake website their funds would go straight to the wallet owned by hackers. Moreover, hackers placed a code that with every sign in, would move 20 Lumens (that are needed to keep the wallet intact) to their account.

In total, hackers were able to transfer Stellar Lumens (XLM) worth $444,000 majority of which went to SDF and Bittrex cryptocurrency exchange where hackers will probably convert the stolen funds without getting their identity exposed.

According to a Tweet by Kevin Beaumont‏, an IT security researcher who examined the code placed by hackers “The DNS hijack of Blackwallet injected code if you had over 20 Lumens it pushes them to a different wallet.”

What Is Next

The creator of BlackWallet, on the other hand, has asked hosting firm to disable their account. They have also contacted SDF and Bittrex to freeze the stolen funds however it is unclear if both parties will be able to cooperate or whether there has been any response from them.

The BlackWallet admin is also suggesting customers immediately transfer their funds to some other wallet in the event they entered their key on blackwallet. Users can transfer their funds using the stellar account viewer.

To read the original article :

https://www.hackread.com/blackwallet-hacked-hackers-replace-dns-server-steal-stellar/

 

 

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
100 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Laisser un commentaire

Next Post

Skygofree (one of the most powerful strains of Android spyware) has been discovered

Security researchers from Kaspersky have found one of the most powerful strains of Android spyware that enable attackers to take full control over the infected devices remotely. The new spyware has been called Skygofree, it has been created for targeted surveillance. The researchers traced down indication of Skygofree’s activity back […]