Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet

Another cryptocurrency service provider has been hacked, costing hundreds of thousands of dollars worth of losses to Stellar users this time. DNS hackers have hijacked the Blackwallet server, redirected some of the traffic and made off with 669,920 XLM.

Also Read: Japan’s Largest Bank to Launch Cryptocurrency Exchange

Stellar Wallet Blackwallet Compromised

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet The team behind Blackwallet, a Stellar Lumen (XLM) web wallet, has confirmed reports that the service has been compromised on Saturday, and that hackers have taken 669,920 lumens, which were worth about $400,000 at the time. The stolen loot has since been transferred to Bittrex, and Blackwallet tried contacting the exchange asking for help in recovering it.

The Blackwallet creator commented: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it. If you ever entered your key on blackwallet, you may want to move your funds to a new wallet using the stellar account viewer. Please note however that blackwallet was only an account viewer and that no keys were stored on the server!”

DNS Hacks on the Rise

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet Blackwallet was hit by a type of attack called DNS hijacking, wherein hackers redirect the Domain Name System to point to servers they control instead of the affected server. “The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet, explained cyber-security researcher Kevin Beaumont.

This is not the first time such a method was used to defraud cryptocurrency users, and probably not the last as copycats see how effective it is. Only a month ago DNS hackers steal over $270,000 in ethereum and tokens from Etherdelta exchange users. The attackers have been linked with this ethereum address, which now contains almost $6 million of ETH.

What cryptocurrency wallets can be trusted to protect users’ funds? Share your thoughts in the comments section below!

Images courtesy of Shutterstock.

Tags in this story

Bittrex, cryptocurrency wallet, Cyber Attack, Cyber Security, DNS, Hack, Hacker, Hackers, N-Featured, Stellar, web wallet, XLM

Want to create your own secure cold storage paper wallet? Check our tools section.

Avi Mizrahi

An economist and financial writer, Avi has been covering Bitcoin since 2013. Routinely talks about the promise of cryptocurrency at conferences around the world.

Show comments

News

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet

Stellar Wallet Blackwallet Compromised

DNS Hacks on the Rise

Tags in this story

Avi Mizrahi

Bank of America, JPMorgan, Wells Fargo Collaborate to Launch Digital Wallet: Report

Metamask Wallet Users Warned to Be on the Lookout for Address Poisoning Attacks

Previous article

Next article

Bitcoin ATM Operator Indicted in New York Allegedly Running Illegal Business Attracting Criminals

Fed's Bullard Wants to Raise Bank Rate to 3.5% by Year's End, Hints at 75 Basis Point Rate Hike

Digital Ruble ‘Much Needed,’ Russia’s Central Bank Says, Won’t Delay Testing

Microbt Reveals Latest Bitcoin Mining Rigs — Machines Produce up to 126 TH/s With Custom 5nm Chip Design

Fidelity Investments Launches Crypto, Metaverse ETFs — Says 'We Continue to See Demand'

Argentinian Securities Regulator Launches Innovation Hub to Discuss Regulated Crypto Investments

Microbt Reveals Latest Bitcoin Mining Rigs — Machines Produce up to 126 TH/s With Custom 5nm Chip Design

Terra's Algorithmic Dollar-Pegged Crypto UST Is Now the Third-Largest Stablecoin

Flynt Finance Leverages GMX’s GLP for High-Yielding Investment Opportunities With USDC...

Global Digital Cluster Coin (GDCC) Is Now Available on LBank Exchange

“We’re on the Right Highway” How Metaspins Crypto Casino Is Growing...

How to Give Bitcoin or Another Cryptocurrency as a Gift Using...