
Hacker Diverts Traffic from 19 ISPs to Steal a Large Sum of Bitcoins

Researchers at Dell’s SecureWorks security division are said to have uncovered a series of hacking attempts in which a bitcoin thief redirected a portion of online traffic from 19 ISPs, including data from Amazon, DigitalOcean and OVH, in order to steal digital currency from a group of bitcoin users.

The hijack is said to have lasted just 30 seconds, but the hacking attempt is said to have been performed 22 times. On each attempt, the hacker gained control of the processing power of a group of bitcoin miners, redirecting their mining activity towards his private pool. Security researchers say that the hacker was able to pocket a flow of bitcoins and other digital currencies worth roughly $9,000 through the hijacking.

“With this kind of hijacking, you can quite easily grab a large collection of clients,” said Pat Litke, one of the Dell researchers. “It takes less than a minute, and you end up with a lot of mining traffic under your control.”

A technique called BGP hijacking is said to have been used, exploiting the Border Gateway Protocol (BGP). The hacker took advantage of a staff user account at a Canadian ISP to periodically broadcast a spoofed command that redirected traffic from other ISPs, from February through May this year. The command, along with miners not checking their rigs to notice the ‘new’ settings, led to the hacker pocketing $83,000 worth of cryptocurrency.

“Some people are more attentive to their mining rigs than others,” said Joe Stewart, a Dell researcher whose own computers were caught up in one victimized mining pool. “Many users didn’t check their setups for weeks, and they were doing all this work on behalf of the hijacker.”

The BGP hijacking method has been discussed as a potential threat to internet security since 1998. Back then, a group of hackers known as L0pht stated that they could use the attack to take down the entire Internet in 30 minutes. The discussion was followed up at the DefCon security conference in 2008, and the method was later used in 2013 to temporarily redirect a portion of US internet traffic to Iceland and Belarus.

Thank you Wired for providing us with this information

Gabriel Roşu
