Hackers Reroute ISP Traffic to Steal $83,000 in Bitcoins


#1

I wonder if this attack coukld also be carried out on Safecoins?

The original article can be found here

Hackers have managed to reroute raw internet traffic from numerous internet service providers (ISPs) in an attempt to steal bitcoins.

Dell SecureWorks says it has identified a total of 19 ISPs affected. Data used by Amazon, DigitalOcean and OVH was compromised in the attack.

Each incident lasted just 30 seconds, but the hacker managed to carry out the attack 22 times over the course of four months. The ultimate goal was to seize control of bitcoin miners, organised in mining pools.

Stealing up to $9,000 a day

The attacks appear to have been successful. Dell SecureWorks reports that up to $9,000 in bitcoin and altcoins such as dogecoin was stolen per day.

During the attack, miners believed they were still mining for their pool, while the flow of cryptocurrency generated by their mining operations redirected elsewhere. Researchers believe the culprits employed BGP hijacking to redirect the traffic, using spoofed commands to redirect traffic from ISPs.

The hackers used a staff user account belonging to a Canadian ISP, but the researchers do not know whether the hack was orchestrated by an ISP employee or someone from outside the company. A detailed description of the attack is available on the SecureWorks blog.

Researcher Pat Litke said this sort of attack can easily grab a “large collection of clients” in next to no time.

“It takes less than a minute, and you end up with a lot of mining traffic under your control,” he told Wired.

Six-figure damages?

The researchers concluded that around $83,000 worth of cryptocurrency was stolen in the attacks, though this is not the final tally.

According to the research team, this particular type of attack is difficult to replicate as the attacker must have access to an ISP. Therefore, Dell SecureWorks does not expect such attacks to be widespread.

This is not the first time Dell SecureWorks has tackled security threats related to bitcoin. Earlier this year the firm published a report identifying 146 strains of bitcoin malware. It also issued a number of warnings involving vulnerable browser extensions and other software.


#2

I feel like this article is trolling me. Unlikely to happen because BGP manipulation is difficult? Why are there reports of strange asymmetric routes (going through Europe) for some users? Or how about the time China sucked in an impressive amount of traffic from the US west coast before re-routing it back out? IMO, the art is making it unnoticeable, not in launching the attack itself.

This attack could be possible if someone used IP address(es) as identification in a farming pool. They should be using the PKI infrastructure provided by MaidSafe, which would make it extremely difficult to spoof. So I would say that the attack is unlikely.

Theres also a discussion here on whether farming pools are feasible in this network.


#3

Oooh keee Thanks