$400,000 Worth of Stellar Lumens Stolen Through DNS Attack

Tuesday, 16/01/2018 | 13:48 GMT by Arnab Shome
  • The funds were stolen from user accounts - the team is investigating the matter.
$400,000 Worth of Stellar Lumens Stolen Through DNS Attack
Finance Magnates

As the crypto economy grows, Cryptocurrencies thefts are also on the rise. Last Saturday, hackers targeted the web-based wallet platform BlackWallet.co to steal 669,920 Stellar Lumens, worth over $400,000, from user accounts.

The hackers hijacked the Domain Name Service of the website by gaining access to the owner’s account and then redirecting the traffic to a similar looking site on their own server.

As users of the wallet logged in, they were unknowingly putting their credentials into the fake web server set up by the attackers.

According to security analyst Kevin Beaumont, who analyzed the code: “The DNS hijack of Blackwallet injected code.”

“If you had over 20 Lumens it pushes them to a different wallet,” he added in a Twitter conversation.

The attackers have transferred all the funds to the cryptocurrency exchange Bittrex and converted them into other digital coins to cover their tracks.

According to Bleeping Computer, BlackWallet tried to warn users via social media, but it was all in vain.

In a Reddit post, a user with the username “orbit84”, claiming to be the owner of the affected site, writes: “I am the creator of Blackwallet. Blackwallet was compromised today, after someone accessed my Hosting provider account. He then changed the dns settings to those of its fraudulent website (which was a copy of blackwallet). I’ve contacted both SDF and Bittrex to ask them to block the bittrex’s account of the hacker. I’ve contacted my hosting provider to disable my account and my websites.”

Apologizing to the users, he continued: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it.”

This is not the first time that this particular wallet was attacked by hackers - reportedly, the site was also hacked in July last year, but details of that attack are not available.

Currently, Stellar Lumens is the 9th largest cryptocurrency in the market with more than $8.9 billion in market cap, according to coinmarketcap.com. Since December, the coin has gained 566 percent and is currently trading at $0.5.

DNS hijacking is becoming a very popular tool for hackers. Just before Christmas, attackers targeted another wallet, EtherDelta, using the same technique. The Classic Ether Wallet and the Etherparty ICO website were also victims of the same kind of attack.

Finance Magnates discussed various aspects of cryptocurrency storage vulnerabilities in a recent interview with cybersecurity expert Alex Heid.

As the crypto economy grows, Cryptocurrencies thefts are also on the rise. Last Saturday, hackers targeted the web-based wallet platform BlackWallet.co to steal 669,920 Stellar Lumens, worth over $400,000, from user accounts.

The hackers hijacked the Domain Name Service of the website by gaining access to the owner’s account and then redirecting the traffic to a similar looking site on their own server.

As users of the wallet logged in, they were unknowingly putting their credentials into the fake web server set up by the attackers.

According to security analyst Kevin Beaumont, who analyzed the code: “The DNS hijack of Blackwallet injected code.”

“If you had over 20 Lumens it pushes them to a different wallet,” he added in a Twitter conversation.

The attackers have transferred all the funds to the cryptocurrency exchange Bittrex and converted them into other digital coins to cover their tracks.

According to Bleeping Computer, BlackWallet tried to warn users via social media, but it was all in vain.

In a Reddit post, a user with the username “orbit84”, claiming to be the owner of the affected site, writes: “I am the creator of Blackwallet. Blackwallet was compromised today, after someone accessed my Hosting provider account. He then changed the dns settings to those of its fraudulent website (which was a copy of blackwallet). I’ve contacted both SDF and Bittrex to ask them to block the bittrex’s account of the hacker. I’ve contacted my hosting provider to disable my account and my websites.”

Apologizing to the users, he continued: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it.”

This is not the first time that this particular wallet was attacked by hackers - reportedly, the site was also hacked in July last year, but details of that attack are not available.

Currently, Stellar Lumens is the 9th largest cryptocurrency in the market with more than $8.9 billion in market cap, according to coinmarketcap.com. Since December, the coin has gained 566 percent and is currently trading at $0.5.

DNS hijacking is becoming a very popular tool for hackers. Just before Christmas, attackers targeted another wallet, EtherDelta, using the same technique. The Classic Ether Wallet and the Etherparty ICO website were also victims of the same kind of attack.

Finance Magnates discussed various aspects of cryptocurrency storage vulnerabilities in a recent interview with cybersecurity expert Alex Heid.

About the Author: Arnab Shome
Arnab Shome
  • 6654 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6654 Articles
  • 102 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}