Web-Based Crypto Wallet Hijacking

By Sixgill


Recently, cybercriminals managed to redirect DNS queries for a web-based crypto wallet to a malicious mirror website. By doing so, they were able to steal $17m in Ethereum. The hackers pulled off a BGP (Border Gateway Protocol) hijacking attack against the website's DNS service host, so that queries for the site were answered with a false IP address and users were directed to a phishing website. As a result, those users became victims of the attack and lost the cryptocurrency stored in their wallets.