• NOW

News

  • NOW

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet

Another cryptocurrency service provider has been hacked, costing hundreds of thousands of dollars worth of losses to Stellar users this time. DNS hackers have hijacked the Blackwallet server, redirected some of the traffic and made off with 669,920 XLM.

Also Read: Japan’s Largest Bank to Launch Cryptocurrency Exchange

Stellar Wallet Blackwallet Compromised

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web WalletThe team behind Blackwallet, a Stellar Lumen (XLM) web wallet, has confirmed reports that the service has been compromised on Saturday, and that hackers have taken 669,920 lumens, which were worth about $400,000 at the time. The stolen loot has since been transferred to Bittrex, and Blackwallet tried contacting the exchange asking for help in recovering it.

The Blackwallet creator commented: “I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it. If you ever entered your key on blackwallet, you may want to move your funds to a new wallet using the stellar account viewer. Please note however that blackwallet was only an account viewer and that no keys were stored on the server!”

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web Wallet
The Blackwallet website is now still offline

DNS Hacks on the Rise

Hackers Steal $400k from Users of a Stellar Lumen (XLM) Web WalletBlackwallet was hit by a type of attack called DNS hijacking, wherein hackers redirect the Domain Name System to point to servers they control instead of the affected server. “The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet, explained cyber-security researcher Kevin Beaumont.

This is not the first time such a method was used to defraud cryptocurrency users, and probably not the last as copycats see how effective it is. Only a month ago DNS hackers steal over $270,000 in ethereum and tokens from Etherdelta exchange users. The attackers have been linked with this ethereum address, which now contains almost $6 million of ETH.

What cryptocurrency wallets can be trusted to protect users’ funds? Share your thoughts in the comments section below!

Images courtesy of Shutterstock.

Want to create your own secure cold storage paper wallet? Check our tools section.

Tags in this story
Bittrex, cryptocurrency wallet, Cyber Attack, Cyber Security, DNS, Hack, Hacker, Hackers, N-Featured, Stellar, web wallet, XLM
Related
Electron Cash Users Can Now Send Bitcoin Cash to Mobile Phones
WALLETS | Jamie Redman

The developers behind the Bitcoin-Cash-based Electron Cash light client have added a slew of new features to the latest 4.0.6… read more.

Bitcoin Cash and SLP-Fueled Badger Wallet Launches for iOS
WALLETS | Jamie Redman

On June 3, the popular bitcoin cash (BCH) light client Badger Wallet launched its open beta version for iOS mobile… read more.

Avi Mizrahi

Avi Mizrahi is an economist and entrepreneur who has been covering Bitcoin as a journalist since 2013. He has spoken about the promise of cryptocurrency and blockchain technology at numerous financial conferences around the world, from London to Hong-Kong.