Popular Bitcoin forum targeted in DNS and DDoS attack

Share this article:

Roughly 175,000 members registered on bitcointalk.org are being discouraged from logging into their accounts following attacks against the popular Bitcoin forum, according to an advisory on the top of the main page.

“If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, then your password may have been captured in a man-in-the-middle attack, and you should change your password here and wherever else you used it,” according to the advisory.

On Monday, a bitcointalk.org administrator named ‘theymos' wrote that what likely happened is an attacker took advantage of a vulnerability in the forum's registrar, Anonymous Speech, to redirect the domain name system (DNS) to a different point.

Bitcointalk.org was promptly transferred to a different registrar as a result, theymos explained, but the administrator added that those types of changes take time and that users should avoid logging into the website for about 20 hours.

“Because the HTTPS protocol is pretty terrible [on the forum], this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc.,” theymos wrote. “Your password only could have been intercepted if you actually entered it while the forum was affected.”

The administrator added, “I invalidated all security codes, so you're not at risk of having your account stolen if you logged in using the “remember me” feature without actually entering your password.”

Meanwhile, the Bitcoin forum is concurrently the target of a massive distributed denial-of-service (DDoS) attack, theymos wrote, adding that while the two events are probably linked, it is unclear why the attacker is doing both at once.

Share this article:

Sign up to our newsletters

More in News

Pentagon to triple its security workforce by 2016

Pentagon to triple its security workforce by 2016

Defense Secretary Chuck Hagel recently announced the recruitment efforts during a speech in Fort Meade, Md.

Tech manufacturer's online payment system breached

LaCie confirmed an unauthorized party used malware to access its online payment system for almost a year and could have stolen customer information.

The Heartbleed bug works, and could be a scapegoat for older breaches

The Heartbleed bug works, and could be a ...

Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached ...