Bitcointalk.org Says DNS Was Hijacked, Passwords Compromised

Bitcointalk.org, one of the largest and most active communities dedicated to the virtual currency, has become a victim of a man-in-the-middle attack. Members who have recently logged in are advised to immediately change their passwords.

According to one of the forum administrators, the attacker used a flaw in the infrastructure of the AnonymousSpeech registrar to change the forum’s DNS to point to a different server.

On the same day, the website was targeted by a distributed denial of service (DDoS) attack, suggesting that both incidents are a part of a sustained malicious campaign.

Meanwhile, Bitcoin is trading as high as $1,165 on Mt. Gox exchange.

A series of unfortunate events

Bitcointalk.org was established in November 2009, just months after Bitcoin first appeared online. Today, the community has around 175,000 members, and the website serves almost 400,000 page views per day.

On Monday morning, the DNS entry for the website was changed to point towards an unidentified address that was protected by the CloudFlare network. The attack was discovered about six hours later, and the website was transferred to a different registrar. However, this kind of change is not instant, putting the members who accessed the forum during this time at risk.

“If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, then your password may have been captured in a man-in-the-middle attack, and you should change your password here and wherever else you used it,” states the advisory on the website.

According to the administrator called ‘theymos’, the attacker was potentially able to intercept and modify encrypted forum transmissions, allowing them to see passwords, authentication cookies and private messages. The passwords could only be hijacked if users entered them into the website manually, which means those who had logged in using the “remember me” feature are not at risk.

Later on Monday, the website also suffered from a DDoS attack. “These two events are probably related, though I’m not yet sure why an attacker would do both of these things at once,” wrote ‘theymos’.

What do you know about Bitcoin? Take our quiz!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago