BlackWallet hacked: Over $400,000 in cryptocurrency stolen after hackers hijack DNS server
"I am sincerely sorry about this and hope that we will get the funds back," the creator of BlackWallet said.
Hackers have hijacked the DNS server for BlackWallet, an online wallet application for the cryptocurrency Stellar Lumens (XLM), and drained users' accounts of hundreds of thousands of dollars. The attack reportedly took place on Saturday (13 January) after hackers managed to hijack its DNS server, change the settings and redirect it towards their own third-party server.
"BlackWallet was compromised today after someone accessed my hosting provider account," the creator of BlackWallet said in a statement on Reddit. "He then changed the DNS settings to those of its fraudulent website (which was a copy of BlackWallet).
"I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it.
"If you have entered your key on BlackWallet, you may want to move your funds to a new wallet using the Stellar account viewer.
"Please note however that BlackWallet was only an account viewer and that no keys were stored on the server!" he added
According to security researcher Kevin Beaumont, the "DNS hijack of BlackWallet injected code."
Bleeping Computer reports that the hackers have stolen about 669,920 Lumens, amounting to about $438,546 (£319,103) according to the current rate. The attackers have moved the stolen funds to cryptocurrency Bittrex and will likely convert it to another digital currency to evade detection.
The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet. pic.twitter.com/Eiwb8UR1Nn
— Kevin Beaumont (@GossiTheDog) January 14, 2018
Many users have taken to social media, Reddit, Stellar and other cryptocurrency forums to warn others against logging into the compromised website and having their funds vanish from their wallets.
BlackWallet administrators have also been trying to contact Bittrex to block the hackers' account.
This isn't the first time hackers have targeted crypto-related businesses and exchanges due to increased interest and steadily rising value of digital currencies.
Late last year, cryptocurrency EtherDelta was targeted by hackers who swiped over $200,000 worth of Ethereum. In early December, cryptocurrency mining marketplace NiceHash said its payment system was compromised and its entire virtual Bitcoin wallet was drained by hackers.
Bithumb, Veritaseum, CoinDash, Enigma and Tether also suffered breaches last year as well.
