Posted on December 23, 2017 at 8:31 AM
Hackers Intercept EtherDelta’s DNS Server
The cryptocurrency exchange, EtherDelta confirmed that they fell victim to a security breach which hijacked their DNS records.
The popular cryptocurrency exchange, EtherDelta, recently announced via Twitter that they’ve been the target of a severe security breach.
1/2?*ANNOUNCEMENT* We are in the last step to bring the service back and should have some announcements soon. Thank for you all for retweeting about the imposers phishing attack yesterday.
— EtherDelta (@etherdelta) December 21, 2017
2/2 *IMPORTANT* Please note if you were using @metamask_io or hardware wallet on EtherDelta, your funds are completely *SAFE* from the phishing attack.
— EtherDelta (@etherdelta) December 21, 2017
Dear users, we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta https://t.co/NnqU5Er4rj DNS server. We are investigating this issue right now – in the meantime please DONOT use the current site.
— EtherDelta (@etherdelta) December 20, 2017
The company stated that they have discovered that malicious attackers were attempting to infiltrate and hijack its DNS server, in order to redirect EtherDelta’s web traffic to a malicious server that hosted a copy of the EtherDelta website.
According to a spokesperson for the company, they have launched an investigation as to nature and origin attack. The spokesperson emphasized that users should refrain from using the website until further notice.
The company gave their users helpful hints to discern the official website from the impostor, by noting that the fraudulent site does not feature a CHAT button on its navigation bar, and has no Twitter feed on the bottom right of the screen. In addition, the impostor has a fake order book.
Currently, the official EtherDelta website features both the Twitter widget and chat button, however, it is still unclear whether the crypto exchange managed to regain full control of their DNS records yet.
According to the crypto market analyzing tool, CoinMarketCap, EtherDelta is the world’s 85th largest crypto exchange according to trading volume. However, the exchange does not allow for crypto-to-fiat transactions, but instead only processes crypto-to-crypto transactions. In addition, EtherDelta is particularly known for its sheer amount of ICO tokens available.
Several crypto-related firms have been the target of malicious hacks, especially when it comes to DNS server hijacking. Just last week, Fox-IT, the cybersecurity firm that hails from the Netherlands, confirmed that their server was compromised in order to conduct man in the middle (MitM) attacks.
Several other fintech and tech firms complained of similar issues of compromised DNS servers in the last year. Several high-profile hacks of the last year, including the Classic Ether Wallet and Etherparty ICO websites, are considered to have fallen victim to compromised DNS servers earlier this year.
In this month alone, several other crypto-related companies took hits from hackers. The platform, NiceHash, which boasts the world’s largest cryptocurrency mining market, suffered over 4,700 bitcoin (the equivalent of $62 million) in damages after being targeted by hackers. In addition, the popular South Korean exchange, YouBit, forcibly shut down earlier this week after it fell victim to a second hack within eight months of its previous hack. The exchange lost millions and filed for bankruptcy.
As cryptocurrency prices continue to rise, its related firms are becoming increasingly targeted by hackers, with phishing and DDoS attacks techniques being particularly popular.
So far several reputable cybersecurity companies, including Proofpoint, SecureWorks, and RiskIQ, have traced these attacks back to state-backed North Korean hackers. Several experts noted that North Korea is likely turning to cryptocurrencies as a means of evading crippling financial institutions imposed on them by the international community.
