Logo

DOSarrest Vulnerability Testing and Optimization
Navigation
  • Home

Popular Bitcoin forum targeted in DNS and DDoS attack

on December 2, 2013 |
Denial of Service Denial of Service Attack DoS Attacks

Roughly 175,000 members registered on bitcointalk.org are being discouraged from logging into their accounts following attacks against the popular Bitcoin forum, according to an advisory on the top of the main page.

“If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, then your password may have been captured in a man-in-the-middle attack, and you should change your password here and wherever else you used it,” according to the advisory.

On Monday, a bitcointalk.org administrator named ‘theymos’ wrote that what likely happened is an attacker took advantage of a vulnerability in the forum’s registrar, Anonymous Speech, to redirect the domain name system (DNS) to a different point.

Bitcointalk.org was promptly transferred to a different registrar as a result, theymos explained, but the administrator added that those types of changes take time and that users should avoid logging into the website for about 20 hours.

“Because the HTTPS protocol is pretty terrible [on the forum], this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc.,” theymos wrote. “Your password only could have been intercepted if you actually entered it while the forum was affected.”

The administrator added, “I invalidated all security codes, so you’re not at risk of having your account stolen if you logged in using the “remember me” feature without actually entering your password.”

Meanwhile, the Bitcoin forum is concurrently the target of a massive distributed denial-of-service (DDoS) attack, theymos wrote, adding that while the two events are probably linked, it is unclear why the attacker is doing both at once.

Source: http://www.scmagazine.com/popular-bitcoin-forum-targeted-in-dns-and-ddos-attack/article/323311/

Share this story:
  • tweet

Recent Posts

  • As coronavirus cases surge, so do cyberattacks against the healthcare sector

    January 11, 2021 - 0 Comment
  • DDoS Attacks Remain a Serious Threat to Businesses Worldwide

    December 17, 2020 - 0 Comment
  • Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

    December 10, 2020 - 0 Comment
Comments are closed.
DOSarrest ad

Keep updated with the latest DDoS Attacks

RSSSubscribe
  • Home
  • Latest News
  • Contact
  • Sitemap
© Copyright 2013. All Rights Reserved. Web Development by: 6folds Marketing