Home / News

Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

By CircleID Reporter
  • January 15, 2018, 3:02 am PST
  • Views: 16,105
  • Comments: 2

Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM). Catalin Cimpanu reporting in Bleeping Computer: “The attack happened late Saturday afternoon (UTC timezone), January 13, when the attackers hijacked the DNS entry of the BlackWallet.co domain and redirected it to their own server. ‘The DNS hijack of Blackwallet injected code [said Kevin Beaumont] a security researcher who analyzed the code before the BlackWallet team regained access over their domain and took down the site ... If you had over 20 Lumens it pushes them to a different wallet… the attacker collected 669,920 Lumens, which is about $400,192 at the current XML/USD exchange rate.”

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

This article is insufficiently detailed Karl Auerbach  –  Jan 17, 2018 12:35 AM

This article does not say enough to be useful.  Was a DNS server taken over via a penetration, or was the registrar/registry penetrated (e.g. a password or phishing attack) and the delegation changed to a masquarading DNS server, or some other attack vector?

Another point - Since we are talking security here - does CircleID support HTTPS?

# 1 Reply  |  Link  |  Report Problems
Yes Roland Rocke  –  Feb 10, 2018 1:36 PM

So, I would simply say you are right. Well about it being able to open just the webcam. I have had, and in-fact used one. It is called a RAT. For those that dont know it stands for Remote Administration Tool or the ‘T’ can stand for terminal. It gives them the ability to view anything about your computer. They have access to anything hence ‘Remote ADMINISTRATOR Tool’. So yes can access your webcam as you said, but it can keylog your computer getting your passwords, disable task manager, anything. I made an example for my cousin showing him what i could do. I completely over heated his computer with what I could do with a simple dark comet RAT. If you wanna contact me for more information my email is robertsteel685 on gmail.. Go ahead and email me your questions.

# 2 Reply  |  Link  |  Report Problems

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

View All Topics