Classic Ether Wallet Compromised via Social Engineering | Threatpost

Classic Ether Wallet, an open source wallet for the public, blockchain-based cryptocurrency platform Ethereum Classic (ETC) was compromised late last week. Developers of the decentralized platform said an attacker managed to hijack the domain for the wallet via social engineering late Thursday evening.

According to a tweet sent by developers with Ethereum Classic, a hacker called the domain’s registry and impersonated the owner of the service in order to gain control of the site.

Ethereum is a distributed public blockchain network used to mine Ether, a decentralized cryptocurrency considered by some as a rival to Bitcoin. As of Monday, according to, one Ethereum, or ETH, is equal to roughly $288.

After securing access to the domain, the hacker switched the site’s settings to direct the domain, and in turn funds, to their own malicious server. According to the service, the hijacked version of the site used “code to copy private key which is typed in by user and sends it to the hacker.”

Entrance to the site was blocked by a phishing warning from Cloudflare briefly on Thursday and unreachable for most of Monday morning. When the site could be reached, a notice that the domain had been registered via hosting provider 1&1 was displayed.

It’s unclear exactly what the attacker was able to say in order to trick the Germany-based 1&1 into handing over access to the domain. A request for comment was not immediately returned from 1&1 on Monday.

While the cryptocurrency in users’ wallets is safe, users who used the wallet to make a transaction while the site had been hijacked likely had their tokens sent to the hacker, instead of the designated recipient.

Until the site is back up administrators are encouraging users to use a secure version of the wallet at a site hosted at Github or and its $ETC node.

Victims on Reddit claim to have lost thousands through the scam, including one user who pointed to a series of Ethereum blockchain transactions that signal a loss of 1001 ETH, roughly $288,288 USD.

Bitcoin and other cryptocurrencies have proved to be an alluring target for phishing attacks over the years.

Last summer, researchers with Cyren and OpenDNS helped ferret out an attack designed to siphon money from legitimate Bitcoin wallets. Attackers tricked users into visiting sites, a spoofed version of in particular, in hopes they’d enter their actual username and password. By doing so the victims would have been handing their Blockchain credentials over to the attackers.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

two × four =

This site uses Akismet to reduce spam. Learn how your comment data is processed.