Blockchain.info is the latest victim of a cyber-attack. The Blockchain tools and wallet service provider reported a security breach affecting its DNS servers yesterday.
According to the company’s statement, the attack happened at around 5:42 AM EST, after an unknown attacker managed to access the DNS servers belonging to Blockchain.info. The attack led to a temporary outage of services, which was later rectified by Blockchain’s team.
The company, in its blog post, claims that the attack was carried out on the systems belonging to the company’s DNS registrar without presenting any threat to Blockchain’s own servers. However, the attack disrupted the services of the platform for over 7 hours, leaving its customers unable to access the site.
Details of Blockchain.info DNS Attack
The cyber-attack on Blockchain.info’s DNS servers was carried out with great sophistication. As soon as the attacker changed the platform’s DNS servers, the company’s infrastructure team was alerted. The team, in turn, shut down the entire platform and investigated the incident further. The investigation found that the criminals had accessed the DNS servers after compromising the DNS registrar’s systems.
Once the breach path was identified, the registrar manually regained control over the affected servers to revert changes. The services were resumed only after the fix was propagated throughout the internet.
The attackers were found to have used self-signed SSL certificates, which prevented Blockchain wallet users from being exposed to a phishing attack. To prevent similar attacks in the future, the platform has introduced additional offline controls. The systems used by the attackers to breach the platform have also since been identified and shut down by the infrastructure team.
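The two signals described above, a changed set of DNS servers and a self-signed certificate on the site, can be checked on every monitoring poll. The following is an added example, not code from Blockchain.info or its registrar; the nameserver names, certificate names and the check_domain helper are hypothetical, and the observations are constructed rather than taken from the incident.

```python
from dataclasses import dataclass

# Constructed baseline: the delegation the domain owner expects (hypothetical names).
EXPECTED_NS = ["ns1.example-dns.test", "ns2.example-dns.test"]

@dataclass
class Observation:
    ns_records: list   # NS names returned for the domain at poll time
    cert_subject: str  # subject of the certificate the site served
    cert_issuer: str   # issuer of that certificate

def norm(host):
    """Lowercase and drop the trailing dot so equal names compare equal."""
    return host.strip().lower().rstrip(".")

def check_domain(expected_ns, obs):
    """Return alert strings for one poll; an empty list means no drift."""
    alerts = []
    expected = {norm(n) for n in expected_ns}
    seen = {norm(n) for n in obs.ns_records}
    if not seen:
        # A failed lookup is reported on its own, not as "every NS missing".
        alerts.append("no NS records returned")
    else:
        alerts += [f"unexpected nameserver: {n}" for n in sorted(seen - expected)]
        alerts += [f"expected nameserver missing: {n}" for n in sorted(expected - seen)]
    # Issuer equal to subject on the served certificate means it is self-signed.
    if obs.cert_subject and obs.cert_subject == obs.cert_issuer:
        alerts.append("served certificate is self-signed")
    return alerts

# Constructed observations, not data from the incident.
NORMAL = Observation(["NS1.example-dns.test.", "ns2.example-dns.test."],
                     "CN=wallet.example.com", "CN=Example Public CA")
HIJACKED = Observation(["ns1.rogue-dns.test.", "ns2.rogue-dns.test."],
                       "CN=wallet.example.com", "CN=wallet.example.com")

if __name__ == "__main__":
    for label, obs in (("normal", NORMAL), ("hijacked", HIJACKED)):
        print(label, check_domain(EXPECTED_NS, obs))
```

In a real deployment the observation would be filled from a live NS lookup and the certificate presented during the TLS handshake, and any non-empty result would page the infrastructure team.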
This incident is a reminder of the importance of cybersecurity for cryptocurrency platforms. If the incident had gone unnoticed, the attackers could easily have redirected users away from the Blockchain.info platform, gaining access to their login credentials in the process. Armed with the stolen credentials, they could even have stolen Bitcoin from the wallets.
Ref: Blockchain.info | Image: NewsBTC