Blockchain.info, one of the most popular online Bitcoin wallet services in the world, was forced to take its service offline this week (12 October) after suffering a DNS hijack that left its 8 million-strong userbase vulnerable to cyberattack.
The digital currency service claims to power up to 100,000 Bitcoin transactions in a single day, so it was of little surprise that reports of the DNS attack quickly spread to messageboard websites such as Reddit and social media platforms.
Upon analysis, Blockchain.info administrators found the website’s Domain Name Resolution (DNS) information had been altered to re-direct anyone visiting the website to a potentially-malicious website URL, a cheap hosting provider located in the US.
After finding the security flaw, the team was forced to take down the site. Notifying concerned users on Reddit, the team wrote: “Our DNS provider was targeted. It’s going to be several hours before our services are fully restored. The CloudFlare DNS is propagating now.”
During the attack, users were left particularly at risk of bitcoin theft or malware infections. DNS attacks can typically consist of an attacker redirecting unsuspecting users to a malicious web