Amazon DNS service server hijacked for $152,000 Ether theft
Hackers made off with about $152,000 worth of Ether on Tuesday in an attack that exploited weaknesses in the internet’s infrastructure to steal users’ cryptowallet keys. The hackers did so by exploiting a weakness in DNS servers serving MyEtherWallet, a cryptocurrency exchange. DNS is a service that connects domain names like myetherwallet.com to whatever IP address it’s hosted on. “This is not due to a lack of security on the [MyEtherWallet] platform. It is due to hackers finding vulnerabilities in public facing DNS servers,” the company wrote in a Reddit post. Hackers hijacked the DNS servers around noon UTC, the company said, and redirected user traffic to a replica of myetherwallet.com hosted on a Russian server. The actual exploit was through the Border Gateway Protocol (BGP), explains security researcher Kevin Beaumont. BGP is the system that actually directs traffic to a website. MyEtherWallet noted in the Reddit post that, because users were rerouted to a phishing […]
The post Amazon DNS service server hijacked for $152,000 Ether theft appeared first on Cyberscoop.
Continue reading Amazon DNS service server hijacked for $152,000 Ether theft