- Parked Tesla Model S bursts into flames in shocking video Today 3:12 PM
- Fortnite is getting an Avengers Endgame event Today 2:44 PM
- The living are facing the end of the world in the latest ‘Game of Thrones’ Today 2:37 PM
- The best Korean beauty toners for your skincare routine Today 2:33 PM
- Warren’s plan to cancel student debt stimulates the bad-take economy Today 2:27 PM
- Video shows Easter Bunny punching man on sidewalk Today 2:09 PM
- The 7 best lubes for when you wanna do butt stuff Today 2:00 PM
- 11 best sex toys under $35 to blow your mind Today 1:30 PM
- Twitch streamer inadvertently documents all the times she was sexually, verbally harassed on vacation Today 1:12 PM
- Raptors coach Nick Nurse becomes a relatable meme Today 1:12 PM
- Man wears bandage that blends in with his skin tone, and Twitter has all the feelings Today 12:55 PM
- The 8 best Korean sunscreens to add to your bag Today 12:15 PM
- New ‘Avengers: Endgame’ commercials drop a few big spoilers Today 11:58 AM
- 11 party games for people sick of playing Cards Against Humanity Today 11:45 AM
- Curvy Wife Guy makes the most Curvy Wife Guy pregnancy announcement Today 11:31 AM
BitInstant, a service that makes it easier to buy Bitcoins, had $12,000 stolen from its company account in a social engineering attack.
A Bitcoin broker fell victim to a major digital heist over the weekend after hackers snuck their way into its accounts and made off with $12,000 worth of the digital currency.
The attack briefly shut down Bitcoin brokerage firm BitInstant over the weekend, as hackers took over its DNS servers and email accounts.
BitInstant, which acts as a middleman between Bitcoin exchanges and people looking to invest in the currency, said the attack did not compromise any customer accounts. Instead, hackers stole directly from the company’s own accounts—a bit of silver lining for a brokerage that at one point last year was exchanging $2.5 million of Bitcoins every month. An attack on its customers could have been disastrous.
Here’s how it went down: A hacker, which BitInstant believes is based in Russia, used publicly available info to weasel their way into the company’s domain name server (DNS) and kick out the legitimate owners. That gave them control over BitInstant email accounts. The next step was easy. The hacker went to online BitCoin exchange VirWox and asked to reset their passwords. Once they received the password reset email, they had full access to the BitInstant account on VirWox.
BitInstant wasn’t surprised by the attack. A company rep wrote in a blog post:
“We’ve long been targeted by someone using social engineering tactics to attempt to compromise our various accounts at exchanges, with our hosting provider Amazon AWS and even on my personal accounts, mostly without success. At no time have we ever had a single system or account compromised through technical means, or indeed at all before yesterday.”
This isn’t the largest heist in Bitcoin history. That dubious honor goes to Bitcoinica, a now-defunct digital exchange. In 2012, hackers made off with 60,000 bitcoins, worth hundreds of thousands of dollars at the time—a theft of such magnitude that it contributed to Bitcoinica shutting down entirely a few months later.
Bitcoin has been seeing a popularity explosion in recent months. It’s easy to see this latest hack as a sign that Bitcoin is a risky currency to own. But it’s also a sign of Bitcoin’s growing legitimacy. Thieves don’t usually waste their time on Monopoly money.
Photo by Jackbet/Flickr
Kevin Morris is a veteran web reporter and editor who specializes in longform journalism. He led the Daily Dot’s esports vertical and, following its acquisition by GAMURS in late 2016, launched Dot Esports, where he serves as the site’s editor-in-chief.