Friday, March 8, 2013
Hacker Steals $12,000 Worth Of Bitcoins In Brazen DNS-Based Attack
A Bitcoin brokerage, Bitinstant was hit by hackers who used a bit of social engineering to take control of the company’s DNS servers and ultimately funnel out $12,000 worth of Bitcoins. Hackers first took over the Bitinstant’s DNS domains and then the company’s email servers. They used these to log into another Bitcoin exchange, VirWox, and pull out $12,480 worth of Bitcoin out of a Bitinstant account.The company detailed the hack in a blog post last week, noting that no “personal or transactional information has been leaked.”
Based on their general MO, the attacker is not highly technically skilled but is sneaky enough to cover their tracks. Some of the hosting providers they directed our domain at may have billing information, but such billing information is likely a stolen card. Geographically, I would personally suspect them to be Russian, based on the choice of providers and based on past fruitless attempts that clearly were of Russian origin. They seem focused on me in particular and have tried many times to gain access to my accounts (both personal and business)
The unique nature of the hack and the number of blinds used to hide the attacker’s identity was fairly clever but Bitinstant notes that the exploit was focused mostly on faking passwords and a failure to use multi-factor authentication. As Bitcoin use grows online, it will only be a matter of time before we add a few more zeros to that $12,000 sum.