The developer of the globally popular BitCoin wallet BlockChain suffered an outage this week after malicious attackers breached its registrar's core systems and changed its DNS servers.
On Wednesday, the company reported that it had identified a DNS issue. Later, it found out that the attackers had infiltrated its DNS registrar.
Detailing the issue in a blog post, BlockChain Co-founder and CEO Peter Smith said the malicious attackers changed the DNS servers of BlockChain.info in an attempt to redirect users to a phishing website.
Fortunately, the compromised registrar and the company responded quickly and restored the DNS servers before the change had propagated far across the web. The company decided to shut down its entire website platform to analyze the incident further, but luckily the cyber criminals were only able to access the registrar's system.
The DNS settings were restored and the platform went back online within 8 hours. The company has now put additional controls in place to prevent future incidents.
According to Smith, the phishing website used a self-signed SSL certificate, which prevented modern web browsers from exposing the website to users. The phishing page was shut down after BlockChain reported it to the owner of the machine used in the attack. However, it remains possible that some users entered their credentials on the fake site; whether any did is unknown.
Users on Reddit reported that the attackers changed Blockchain's name servers from the Cloudflare web host to Hostwinds, which claims to offer the cheapest web hosting services on the internet.
Many other BitCoin exchanges have reported being attacked over the past few months, including Cavirtex, BitStamp, Bitfinex, BTC-E, and Bter.
Profit-driven individual cyber criminals are not the only ones targeting Bitcoin-related websites. In August, BitCoin.org – the parent organization that monitors BitCoin software development – warned users of potential state-sponsored attacks.
BitCoin.org notified its community: “We ask the Bitcoin community, and in particular the Chinese Bitcoin community to be extra vigilant when downloading binaries from our website.”
About the Author
Peter Buttler is an Infosec Journalist and Tech Reporter and a member of the IDG Network. In 2011, he completed a Masters in Cybersecurity and technology. He worked for leading security and tech giants as a Staff Writer. Currently, he contributes to a number of online publications, including The Next Web, CSO Online, Infosecurity Mag, SC Magazine, Tripwire, GlobalSign CSO Australia, etc. His favorite areas are Online Privacy, AI, IoT, VR, Blockchain, Big Data, ML, Fintech, etc. You can follow him on Twitter.