Cybercriminals over the weekend compromised the BlackWallet application, stealing over $400,000 user funds in the process.
According to news reports, the unknown hackers hijacked the DNS server for BlackWallet.co, a web-based wallet for the Stellae Lemens (XLM) cryptocurrency and redirected it to their on server.
By redirecting the DNS server to a server controlled by the attackers, the attackers could easily steal users fund .... of which close to 700,000 Lumens with a worth of over $400,000 value were stolen.
"The DNS hijack of BlackWallet injected code, if you had over 20 Lumens it pushes them to a different wallet," Security researcher Kevin Beaumont who analyzed the code said in a tweet.
The moment any BlackWallet user logged onto the compromised BlackWallet website, the hackers then gains access to the users account and then empties it. And so to stop the hackers from causing further harm, alerts and warnings were quickly issued to warn users and prevent them from logging into the domain..but not all were lucky to come across the alert on time.
"If you used BlackWallet in the past then use your Secret Key and login to Steller Account Viewer to use them. If you don't login in the BlackWallet website your XLM is safe," the warning read. "Lumens are not stored in the wallets, Lumens are ALWAYS stored in the network, you just use wallets to have access to the network, If you use BlackWallet with your Secret Key then the script will steal your Secret Key and then your Lumen."
Shortly after the theft, the funds began to vansih into cryptocurrency exchange Bittrex. BlackWallet however, tried to communicate with the exchange so as to block the hackers wallet but appeal fell on deaf ears.
The BlackWallet admin advised users to move their funds to a new wallet using the Steller account viewer.
No comments:
Post a Comment
Ensure to drop your comments before leaving!!