Cryptocurrency exchange Liquid has revealed that it was hacked last week, after a malicious attacker managed to seize control of its DNS records, seized control of some internal email accounts, and gained access to the firm’s document storage infrastructure.
And, as a consequence, personal details of customers may now be in the hands of hackers.
In a blog post, Liquid CEO Mike Kayamori explained that last Friday the cryptocurrency exchange’s domain name hosting service incorrectly transferred control of its DNS records to a hacker.
Sign up to our newsletterSecurity news, advice, and tips.
If a hacker manages to seize control of your domain’s DNS records they not only have the power to redirect people attempting to visit your website to a server under their control, but they can also receive emails being sent to your business – and all the sensitive information that that may contain.
It’s certainly an embarrassing turn of events for the Japanese firm which describes itself as “the world’s most comprehensive and secure trading platform”.
From the sound of things, there was a colossal security failure when it came to keeping Liquid’s DNS records out of the hands of unauthorised parties. It’s unclear what additional security measures Liquid and its DNS provider may have had in place to make it harder for such a disastrous sequence of events to occur.
But what we do know from Liquid’s blog post is that the consequences of the security breach could be very serious, putting customers at the risk of phishing, fraud, and i ..
Support the originator by clicking the read the rest link below.
