Hackers Hijack DNS Server of Cryptocurrency Exchange EtherDelta

In a series of tweets posted last night, cryptocurrency exchange EtherDelta announced it suffered a security breach after hackers managed to take control of its DNS server.

Decentralized cryptocurrency exchange EtherDelta said it believed hackers managed to take control over its DNS server before redirecting the etherdelta.com domain to a malicious server that predictably hosted a copy of the website.

“*BE AWARE* The imposer’s app has no CHAT button on the navigation bar nor the offical [sic] Twitter Feed on the bottom right,” the company said on its social media page. “It is also populated with a fake order book.”

It added:

*IMPORTANT* we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta DNS server. We are investigating this issue right now – in the meantime please *DONOT* use the current site.

Clearly, the attacker forgot to spoof the exchange’s Twitter feed and change interface. However, it is possible that the attacker could have accessed user wallets, although the impact – if any – is unclear at this moment.

With a trading market volume of around $11 million per day, the metric would rank EtherDelta among the world’s top 75 trading websites. EtherDelta is ranked as the 85th largest cryptocurrency exchange as a crypto-to-crypto trading platform, rather than a typical crypto-to-fiat exchange platform.

At press time, the website now shows both the Twitter widget and the chat button showing again. In a series of tweets, the exchange confirmed it was functional again and moved to assure users that their funds are safe if their private individual user keys weren’t shared on the imposer’s phishing site.

“*ANNOUNCEMENT* We are in the last step to bring the service back and should have some announcements soon,” the exchange wrote. “Thank for you all for retweeting about the imposers phishing attack yesterday.”

With prices of multiple cryptocurrencies, including Bitcoin, on the rise, cybercriminals are increasingly targeting cryptocurrency exchanges and adopters with phishing and DDoS attacks.

Image credit: Pixabay.