In a report published by TechChurch, unknown hackers have attacked a Bitcoin brokerage company Bitinstant, breaching into its server and taking control of its DNS- server and stealing $12,000 worth of Bitcoins.
Hackers used simple social social engineering techniques to take over company’s email servers and DNS domains. In the next step, the hackers log into another, VirWox (another Bitcoin exchange) and disappeared with $12,480 worth of Bitcoin out of a Bitinstant account.
Bitinstant writes on their blog that the hacker contacted the company’s domain registrar at Site5 posing as their representatives and using a very similar email address as theirs, they did so by proxying through a network owned by a haulage company in the UK.
Armed with knowledge of representative’s place of birth and mother’s maiden name alone they convinced Site5 staff to add their email address to the account and make it the primary login.
We immediately realized what was going on, and logged in to change the information back. After changing this info and locking the attacker out, overnight he was able to revert my changes and point our website somewhere else. Site5 is denying any damages, but we suspect this was partly their fault.
The company is now investigating the breach but identity of hacker remains unknown.
Bitcoin (BTC) is a decentralized digital currency based on an open-source, peer-to-peer internet protocol.
Read more about the hack on Bitinstant‘s official blog.