Cryptocurrency exchange EtherDelta, announced it suffered a security breach in a series of tweets posted online last night.
The exchange said it believed hackers managed to take over control over its DNS server and redirected the etherdelta.com domain to a malicious server hosting a copy of their website.
“We are investigating this issue right now,” a spokesperson for the company tweeted, “in the meantime please DONOT [sic] use the current site.”
“*BE AWARE* The imposer’s app has no CHAT button on the navigation bar nor the offical [sic] Twitter Feed on the bottom right,” the company added. “It is also populated with a fake order book.”
Security incident appears to be resolved
At the time of writing, the EtherDelta website shows both the chat button and the Twitter widget, albeit there has been no official announcement from the EtherDelta team about regaining control over their DNS records.
According to CoinMarketCap, EtherDelta is ranked as the 85th largest cryptocurrency exchange based on trading volume. EtherDelta is not a classic crypto-to-fiat exchange platform, but a crypto-to-crypto trading platform. It is also known for selling a large spectrum of ICO tokens.
EtherDelta is not the only company to announce it had its DNS server hijacked by attackers. Last week, Netherlands-based cyber-security firm Fox-IT said hackers hijacked its DNS server to carry out a MitM attack on its customer portal.
Constant attacks on cryptocurrency-related sites
Other cryptocurrency-related companies also suffered DNS hijacking attacks in the past year. For example, the website hijacking incidents of Classic Ether Wallet and the Etherparty ICO website are both suspected to be DNS hijacking events.
The above events happened in August and October, respectively, but security-related incidents took place at other cryptocurrency-related sites this month as well. For example, NiceHash, the world’s largest cryptocurrency mining market said hackers stole over 4,700 Bitcoin (around $62 million) at the start of the month, while South Korean exchange YouBit (formerly Yapizon) shut down yesterday and filed for bankruptcy after getting hacked the second time this year.
Reports published by FireEye, SecureWorks, RiskIQ, and Proofpoint blamed many of these attacks on hackers operating out of North Korea. Experts speculated that North Korean hackers are stealing digital currencies to evade financial sanctions and fund the state or personal coffers of Pyongyang’s elite.