Hacker swindles £290,000 off cryptocurrency firm BlackWallet using malicious code

Hacker swindles £290,000 off cryptocurrency firm BlackWallet using malicious code

BitGrail goes bust after losing $170 million to large-scale theft

A suspected hacker stole approximately £290,000 in cryptocurrency from digital wallet provider BlackWallet by injecting a malicious code into the firm’s DNS server.

A malicious code injected by the hacker into BlackWallet transferred all deposits in excess of 20 or more Stellar lumens into another wallet owned by the hacker.

First revealed by security researcher Kevin Beaumont on Twitter, the latest cryptocurrency hack reminds us of a recent hacking episode that involved a hacker infiltrating trading platform CoinDash’s website during an Initial Coin Offering (ICO) and replacing the link where investors could send their funds with a new one, thereby pocketing $7.4 million in no time.

The latest BlackWallet hack involves the same methodology- hacking into a cryptocurrency wallet provider’s server and injecting a code to ensure all deposits are transferred to a separate wallet. The hacker behind the latest operation emptied his wallet before researchers could track him down. According to Bleeping Computer, the hacker managed to steal nearly 670,000 lumens before the operation was busted.

Following the revelation, a Reddit user named orbit84, who called himself the ‘creator of BlackWallet’, confirmed the breach and said that he took some steps to minimise its impact, including asking the host provider to disable his account and websites, tracing the hacker’s wallet address and asking both SDF and Bittrex to block the bittrex’s account of the hacker. It remains to be seen if BlackWallet will be able to recover the funds lost to the hack.

Commenting on the latest hack, David Kennerley, Director of Threat Research at Webroot, says that it demonstrates how virtual currency has become a new business model for cyber criminals.

‘We’re still exploring the blockchain space and wallet security is more important than ever. The multi-sig wallets in question are popular among companies because they have multiple key-holders and require a majority to sign off on transactions, making it trickier for fraudulent payments to be made.

‘With more and more coins are appearing and alternative uses for blockchain being discovered it’s going to continue to be a high-profile target for cyber criminals. It’s not just financial transactions like Bitcoin using blockchain, but also decentralised apps and cloud storage have already been developing in the space. Without a doubt blockchain technologies will be a big part of the future, but it will take some years for the disruption of contemporary tech to take place,’ he adds.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]