Home / News

Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

Unknown hackers (or hacker) have hijacked the DNS server for BlackWallet.co, a web-based wallet application for the Stellar Lumen cryptocurrency (XLM). Catalin Cimpanu reporting in Bleeping Computer: "The attack happened late Saturday afternoon (UTC timezone), January 13, when the attackers hijacked the DNS entry of the BlackWallet.co domain and redirected it to their own server. 'The DNS hijack of Blackwallet injected code [said Kevin Beaumont] a security researcher who analyzed the code before the BlackWallet team regained access over their domain and took down the site ... If you had over 20 Lumens it pushes them to a different wallet… the attacker collected 669,920 Lumens, which is about $400,192 at the current XML/USD exchange rate."

By CircleID Reporter – CircleID's internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us. Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

This article is insufficiently detailed By Karl Auerbach  –  Jan 16, 2018 5:35 pm PDT

This article does not say enough to be useful.  Was a DNS server taken over via a penetration, or was the registrar/registry penetrated (e.g. a password or phishing attack) and the delegation changed to a masquarading DNS server, or some other attack vector?

Another point - Since we are talking security here - does CircleID support HTTPS?

Yes By Roland Rocke  –  Feb 10, 2018 6:36 am PDT

So, I would simply say you are right. Well about it being able to open just the webcam. I have had, and in-fact used one. It is called a RAT. For those that dont know it stands for Remote Administration Tool or the 'T' can stand for terminal. It gives them the ability to view anything about your computer. They have access to anything hence 'Remote ADMINISTRATOR Tool'. So yes can access your webcam as you said, but it can keylog your computer getting your passwords, disable task manager, anything. I made an example for my cousin showing him what i could do. I completely over heated his computer with what I could do with a simple dark comet RAT. If you wanna contact me for more information my email is robertsteel685 on gmail.. Go ahead and email me your questions.

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Brand Protection

Sponsored byAppdetex

Domain Management

Sponsored byMarkMonitor

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPXO