BlackWallet Hackers Steal $400K From Users’ Accounts – Who’s at Fault?
On Saturday, January 13th, a total of around $400,000 was stolen from BlackWallet users’ accounts after hackers hijacked its DNS server, altering the flow of money. Reportedly, if an account held more than 20 XLM (Stellar Lumens), the cryptocurrency stored in the accounts, the funds were redirected to a separate, private wallet.
The creator of BlackWallet, who goes by the username /r/orbit84, posted a statement on Reddit shortly afterward to discuss the attack.
“I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it.”
Unfortunately, because the funds were moved to an outside account at Bittrex Exchange, they were quickly converted to a currency other than Stellar Lumens and therefore couldn’t be detected, according to a report by Bleeping Computer.
Hello @BittrexExchange , please block the account with MEMO XLM 27f9a3e4d954449da04, he hacked https://t.co/ooPMtN2HV4 and is now sending all the funds to your exchange! This is URGENT! A lot of money is involved (>$300,000) https://t.co/nH1MnpPeyw https://t.co/3NlQ01m1yV
— orbit84 (@orbit0x54) January 14, 2018
In an effort to spread the news quickly, people like Kevin Beaumont took to social media to warn users and others of the breach and to discuss the code injected into BlackWallet.
The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet. pic.twitter.com/Eiwb8UR1Nn
— Kevin Beaumont (@GossiTheDog) January 14, 2018
Some are holding 1&1, the hosting provider of BlackWallet, accountable for the incident and are urging the developer to take action against the company.
When reading about the hijacked DNS server, remember that these attacks aren’t new. As the security breach of the cryptocurrency exchange EtherDelta back in December showed, hackers will continue to find ways to intercept online vaults.
However, it helps to have strong security.