Casa > cibernético Notícias > BlackWallet App Compromised, 400,000 USD In Lumens Stolen

BlackWallet App Compromised, 400,000 USD In Lumens Stolen

The BlackWallet browser-based wallet application has been compromised and 400,000 USD in user funds (in the Stellar Lumen cryptocurrency) were stolen from it. It’s still unknown who is behind this attack. To perform the attacks, hackers hijacked the DNS servers of the application. Mais particularmente, a DNS server connected to the domain of BlackWallet was compromised.

The creator of the BlackWallet app confirmed in a statement that an unknown individual had succeeded to access their hosting provider account, which led to the DNS changes and the theft of user funds.

Story relacionado: Bitcoin Proprietários, Trocas de criptografia: Hackers’ New Favorite Targets

More about the Attack on BlackWallet

Attackers were targeting the Stellar Lumen (XLM) criptomoeda. They succeeded in stealing approximately 670,000 Lumens which amounts to 400,000 USD.

The attack took place on Saturday (janeiro 13) in the afternoon (UTC timezone). This is when the attackers successfully hijacked the DNS entry of, and redirected it to their hacker-controlled server. Kevin Beaumont, the researcher who analyzed the code, said that “the DNS hijack of Blackwallet injected code” and that “if you had over 20 Lumens it pushes them to a different wallet”.

Alerts were quickly propagated during the weekend after the attack happened, in an attempt to warn users and prevent them from logging into the domain. Contudo, the alerts didn’t do much work as users continued logging. Here’s what the warning said:

If you used BlackWallet in the past then use your Secret Key and login to Stellar Account Viewer to use them. If you don’t login in the BlackWallet website your XLM is safe. Lumens are not stored in the wallets, Lumens are ALWAYS stored in the network, you just use wallets to have access to the network. If you use BlackWallet with your Secret Key then the script will steal your Secret Key and then your Lumens.

Once the theft was finalized, the stolen funds started to vanish into the Bittrex cryptocurrency exchange, reports reveal. BlackWallet made several attempts to contact the exchange so that the corresponding wallet is blocked. Contudo, these attempts have seen no results.

The BlackWallet creator apologized for the unfortunate event and said that he is in talks with the hosting provider to get as much information as possible about the hacker. He also highlighted that BlackWallet was only an account viewer meaning that no keys were stored on the server. Não obstante, it’s highly advisable for users that have recently entered their keys on the application, to move their funds as quickly as possible.

Story relacionado: Bitcoin, Ethereum Troca Bithumb Hacked, milhões Stolen

Keep in mind that if the main website of the application doesn’t function, the Stellar Account Viewer can be used instead.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar