Home / News I have a News Tip

Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM). Catalin Cimpanu reporting in Bleeping Computer: "The attack happened late Saturday afternoon (UTC timezone), January 13, when the attackers hijacked the DNS entry of the BlackWallet.co domain and redirected it to their own server. 'The DNS hijack of Blackwallet injected code [said Kevin Beaumont] a security researcher who analyzed the code before the BlackWallet team regained access over their domain and took down the site ... If you had over 20 Lumens it pushes them to a different wallet… the attacker collected 669,920 Lumens, which is about $400,192 at the current XML/USD exchange rate."

Related topics: Blockchain, Cyberattack, DNS
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

This article is insufficiently detailed Karl Auerbach  –  Jan 16, 2018 5:35 PM PDT

This article does not say enough to be useful.  Was a DNS server taken over via a penetration, or was the registrar/registry penetrated (e.g. a password or phishing attack) and the delegation changed to a masquarading DNS server, or some other attack vector?

Another point - Since we are talking security here - does CircleID support HTTPS?

Yes Roland Rocke  –  Feb 10, 2018 6:36 AM PDT

So, I would simply say you are right. Well about it being able to open just the webcam. I have had, and in-fact used one. It is called a RAT. For those that dont know it stands for Remote Administration Tool or the 'T' can stand for terminal. It gives them the ability to view anything about your computer. They have access to anything hence 'Remote ADMINISTRATOR Tool'. So yes can access your webcam as you said, but it can keylog your computer getting your passwords, disable task manager, anything. I made an example for my cousin showing him what i could do. I completely over heated his computer with what I could do with a simple dark comet RAT. If you wanna contact me for more information my email is robertsteel685 on gmail.. Go ahead and email me your questions.

To post comments, please login or create an account.

Related

Topics

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC