Another cryptocurrency service provider has been hacked, costing hundreds of thousands of dollars worth of losses to Stellar users this time. DNS hackers have hijacked the Blackwallet server, redirected some of the traffic and made off with 669,920 XLM.
Stellar Wallet Blackwallet Compromised
The team behind Blackwallet, a Stellar Lumen (XLM) web wallet, has confirmed reports that the service has been compromised on Saturday, and that hackers have taken 669,920 lumens, which were worth about $400,000 at the time. The stolen loot has since been transferred to Bittrex, and Blackwallet tried contacting the exchange asking for help in recovering it.
The Blackwallet creator commented: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it. If you ever entered your key on blackwallet, you may want to move your funds to a new wallet using the stellar account viewer. Please note however that blackwallet was only an account viewer and that no keys were stored on the server!”
DNS Hacks on the Rise
Blackwallet was hit by a type of attack called DNS hijacking, wherein hackers redirect the Domain Name System to point to servers they control instead of the affected server. “The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet, explained cyber-security researcher Kevin Beaumont.
This is not the first time such a method was used to defraud cryptocurrency users, and probably not the last as copycats see how effective it is. Only a month ago DNS hackers steal over $270,000 in ethereum and tokens from Etherdelta exchange users. The attackers have been linked with this ethereum address, which now contains almost $6 million of ETH.