Cryptocurrency Exchange EtherDelta Hacked In DNS Hijacking SchemeDecember 21, 2017 6:53 pm
An attacker successfully breached the DNS server of decentralized cryptocurrency exchange EtherDelta Wednesday, enabling the hacker to redirect users to a malicious website, Cryptocoinsnews reported Thursday.
Using a series of tweets, EtherDelta warned users a hacker had temporarily hijacked its DNS server, enabling the attacker to send users to a fake, malicious version of the site, the report said.
As a decentralized exchange, Cryptocoinsnews reported, EtherDelta is governed by smart contracts, meaning the exchange does not have third-party control of user funds. However, the service does allow users to directly import their private keys to the exchange itself.
Because of this, the report said, the hacker was able to steal funds from users who unknowingly imported their private keys into the impostor website.
It appears the hacker stole approximately 308 ether, worth approximately $250,000 at the current exchange rate – in addition, a number of ERC20 tokens, according to data obtained from the Ethereum blockchain.
User who accessed the exchange using either MetaMask or a hardware wallet were “completely safe” from the phishing attack, EtherDelta said
The company explained deposits from users who never imported their key on the fake version of the website “should be safe,” but traders may want to consider moving their funds to a new wallet address as a security measure — and reevaluate their decision to import their private keys directly into a website, the report said.
The attack was the second major hack in the last few days as South Korean exchange Youbit revealed it lost 17 percent of its assets as the result of a hack — the second the company had endured this year — forcing its operator, Yaipan, to declare bankruptcy, the report said.
– WN.com, Jack Durschlag