The BlackWallet.co Attack: A Breakdown
Digital criminals recently targeted Stellar Lumens (XLM), a rising cryptocurrency, by hijacking the DNS records of wallet service BlackWallet.co. Key details:
- Attack Method: Code injection compromised DNS settings
- Stolen Funds: ~670,000 XLM (~$400,000 at time of attack)
- Redirection: Users holding >20 XLM were silently redirected to hacker-controlled wallets
- Money Movement: Funds transferred to Bittrex exchange, likely for laundering
Security researcher Kevin Beaumont first identified the attack vector. BlackWallet's founder confirmed the breach via Reddit, urging users to migrate funds while coordinating with Stellar Development Foundation and exchanges.
The Rising Threat of Crypto Cybercrime
2017-2018 saw escalating cryptocurrency-related attacks:
- Mining Malware: Exploiting devices for covert Monero mining
- Ransomware: New variants demanding Ethereum payments
- Exchange Hacks: Smaller platforms becoming prime targets
Why Smaller Services Are Vulnerable
Many emerging wallet services and exchanges lack:
- Robust DNS security protocols
- Code injection prevention systems
- Enterprise-grade monitoring tools
Protective Measures for Crypto Users
For Individuals
- Use hardware wallets for large holdings
- Enable multi-factor authentication
- Monitor wallet activity daily
For Businesses
Implement:
- Web Application Firewalls (WAFs)
- Behavior-based threat detection
- Regular DNS record audits
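One way to run the DNS record audit listed above, as an added example that is not part of the original article: it compares a later `dig +noall +answer` snapshot against a pinned known-good baseline and reports every added or removed record. The zone name, name servers and addresses are constructed placeholders, and TTL changes are deliberately ignored.

```python
# Added example: DNS record drift audit. All names and addresses are constructed.
from collections import defaultdict

# Pinned baseline, recorded while the zone was known-good (constructed values).
BASELINE = """\
wallet.example. 3600 IN NS ns1.dns-host.example.
wallet.example. 3600 IN NS ns2.dns-host.example.
wallet.example. 300 IN A 192.0.2.10
"""

# Later snapshot in `dig +noall +answer` format (constructed: A and NS changed).
OBSERVED = """\
wallet.example. 3600 IN NS ns1.dns-host.example.
wallet.example. 3600 IN NS ns1.other-host.example.
wallet.example. 60 IN A 198.51.100.77
"""

WATCHED = {"A", "AAAA", "NS", "CNAME", "MX"}  # record types worth alerting on

def parse_answers(text):
    """Parse dig answer lines into {(name, type): set(rdata)}."""
    records = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # blank line or dig comment
        parts = line.split(None, 4)
        if len(parts) != 5 or parts[2].upper() != "IN":
            continue  # skip malformed or non-Internet-class lines
        name, _ttl, _cls, rtype, rdata = parts
        rtype = rtype.upper()
        if rtype in WATCHED:
            # DNS names are case-insensitive; drop the trailing root dot.
            records[(name.lower().rstrip("."), rtype)].add(rdata.lower().rstrip("."))
    return records

def audit(baseline_text, observed_text):
    """Return sorted (name, type, change, value) tuples for every drift."""
    base, seen = parse_answers(baseline_text), parse_answers(observed_text)
    findings = []
    for key in set(base) | set(seen):
        for value in seen.get(key, set()) - base.get(key, set()):
            findings.append((*key, "added", value))
        for value in base.get(key, set()) - seen.get(key, set()):
            findings.append((*key, "removed", value))
    return sorted(findings)

if __name__ == "__main__":
    for name, rtype, change, value in audit(BASELINE, OBSERVED):
        print(f"ALERT {name} {rtype} {change}: {value}")
```

Run on a schedule from a host outside the audited zone, any finding on an NS or A record that was not part of a planned change is worth an immediate check with the registrar and DNS provider.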
Enterprise solutions like Trend Micro's Smart Protection Suites offer:
- Machine learning-powered analysis
- Website reputation scoring
- Real-time script blocking
FAQ: Stellar Lumen Security
Q: How was BlackWallet.co compromised?
A: Hackers injected malicious code to alter DNS records, redirecting traffic to fraudulent servers.
Q: Should I still use Stellar Lumens?
A: Yes—the vulnerability was wallet-specific, not the XLM blockchain itself.
Q: How can I check if a crypto site is safe?
A: Verify SSL certificates, research the company's security history, and use tools like Trend Micro's Site Safety Center.
Q: Are hardware wallets immune to DNS attacks?
A: Yes—they don't rely on web interfaces vulnerable to DNS hijacking.
Q: What's the safest way to store XLM?
A: Use official Stellar wallets or hardware devices like Ledger Nano S.
Original source: Attackers Hijack DNS Entry of Stellar Lumen Wallet Application BlackWallet