Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

By CircleID Reporter

Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM). Catalin Cimpanu reporting in Bleeping Computer: "The attack happened late Saturday afternoon (UTC timezone), January 13, when the attackers hijacked the DNS entry of the BlackWallet.co domain and redirected it to their own server. 'The DNS hijack of Blackwallet injected code [said Kevin Beaumont] a security researcher who analyzed the code before the BlackWallet team regained access over their domain and took down the site ... If you had over 20 Lumens it pushes them to a different wallet… the attacker collected 669,920 Lumens, which is about $400,192 at the current XML/USD exchange rate."

Related topics: Blockchain, Cyberattack, DNS

Comments

This article is insufficiently detailed Karl Auerbach  –  Jan 16, 2018 5:35 PM PDT

This article does not say enough to be useful.  Was a DNS server taken over via a penetration, or was the registrar/registry penetrated (e.g. a password or phishing attack) and the delegation changed to a masquarading DNS server, or some other attack vector?

Another point - Since we are talking security here - does CircleID support HTTPS?

Yes Roland Rocke  –  Feb 10, 2018 6:36 AM PDT

So, I would simply say you are right. Well about it being able to open just the webcam. I have had, and in-fact used one. It is called a RAT. For those that dont know it stands for Remote Administration Tool or the 'T' can stand for terminal. It gives them the ability to view anything about your computer. They have access to anything hence 'Remote ADMINISTRATOR Tool'. So yes can access your webcam as you said, but it can keylog your computer getting your passwords, disable task manager, anything. I made an example for my cousin showing him what i could do. I completely over heated his computer with what I could do with a simple dark comet RAT. If you wanna contact me for more information my email is robertsteel685 on gmail.. Go ahead and email me your questions.