Bitcointalk.org, one of the largest and most active communities dedicated to the virtual currency, has become a victim of a man-in-the-middle attack. Members who have recently logged in are advised to immediately change their passwords.
According to one of the forum administrators, the attacker used a flaw in the infrastructure of the AnonymousSpeech registrar to change the forum’s DNS to point to a different server.
On the same day, the website was targeted by a distributed denial of service (DDoS) attack, suggesting that both incidents are a part of a sustained malicious campaign.
Meanwhile, Bitcoin is trading as high as $1,165 on Mt. Gox exchange.
Bitcointalk.org was established in November 2009, just months after Bitcoin first appeared online. Today, the community has around 175,000 members, and the website serves almost 400,000 page views per day.
“If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, then your password may have been captured in a man-in-the-middle attack, and you should change your password here and wherever else you used it,” states the advisory on the website.
According to the administrator called ‘theymos’, the attacker was potentially able to intercept and modify encrypted forum transmissions, allowing them to see passwords, authentication cookies and private messages. The passwords could only be hijacked if users entered them into the website manually, which means those who had logged in using the “remember me” feature are not at risk.
Later on Monday, the website also suffered from a DDoS attack. “These two events are probably related, though I’m not yet sure why an attacker would do both of these things at once,” wrote ‘theymos’.
What do you know about Bitcoin? Take our quiz!
After axing 31 percent of its workforce when it failed to be acquired by Amazon,…
Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…
Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…
New AI assurance platform from UK government will help businesses ensure they can safely develop…
Protecting kids? Australian government confirms plan to implement restriction on social media for children under…
Canada ordered China's TikTok business in the country to be dissolved over national security risks,…