More than $400,000 worth of Stellar lumens (XLM) were allegedly stolen in connection with the reported hack of wallet service BlackWallet.
Cybersecurity researcher Kevin Beaumont broke the news on Jan. 13, explaining that BlackWallet’s Domain Name System (DNS) server had been compromised in what is known as a DNS hijacking attack.
Simply put, the attack allowed the hacker to redirect the DNS entry of BlackWallet’s domain to his or her own server, which contained a copy of the original website with one key difference: the attacker injected code into the wallet that automatically stole balances greater than 20 XLM.
Consequently, much like the DNS hijack that decentralized cryptocurrency exchange EtherDelta suffered last month, users’ funds were stolen after they entered their private keys into the account viewer.
An individual claiming to be the creator of BlackWallet posted a statement on the Stellar subreddit warning users about the attack, but the thief nevertheless made off with approximately 670,000 XLM, according to Bleeping Computer, worth roughly $419,000 at the present exchange rate.
The creator apologized profusely for the hack and said that the attacker had managed to access the service’s hosting provider account.
“I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it,” the statement read.
He or she added that while the hack only affected users who accessed the fake BlackWallet website, all former users may want to take the extra precaution of using the official Stellar account viewer to move their funds to a new wallet.
The hacker wasted no time laundering the funds following the attack, and at the time of writing approximately 98 XLM remained in the wallet associated with the hack.
The attacker apparently sent at least a portion of the funds to cryptocurrency exchange Bittrex, but it is not currently known whether Bittrex learned of the hack in time to freeze the funds before the thief could launder and withdraw them from the exchange.