Hackers hijack one of Coincheck’s domains for spear-phishing attacks

Hackers hijacked Coincheck’s domain registrar account and then changed DNS settings.

Japanese cryptocurrency exchange Coincheck says hackers took control over its account at a local domain registrar and hijacked one of its domain names, which they later used to contact some of its customers.

The exchange paused remittance operations on its platform on Tuesday while it’s investigating the incident. Other operations, such as withdrawals or deposits, have not been blocked.

According to an incident report published yesterday, the company said the initial attack took place on Sunday, May 31. The hackers gained access to Coincheck’s account at Oname.com, the company’s domain registrar provider. Oname also confirmed the incident.

While Coincheck didn’t provide any technical details about the attack, Japanese security researcher Masafumi Negishi said the hackers modified the primary DNS entry for Coincheck’s coincheck.com domain.

Coincheck uses Amazon’s managed DNS service, meaning an Amazon DNS server was handling the operation of returning the server IP address where users’ clients (browser, mobile apps, wallets) needed to connect for the coincheck.com domain.

Source : Hackers hijack one of Coincheck’s domains for spear-phishing attacks

Please follow and like us:
Tweet 1k

Related Post

ddos attack

Des failles du protocole GTP (GPRS Tunneling Protocol) laissent la 5G et d’autres réseaux mobiles ouverts aux vulnérabilités, selon un rapportDes failles du protocole GTP (GPRS Tunneling Protocol) laissent la 5G et d’autres réseaux mobiles ouverts aux vulnérabilités, selon un rapport

Les failles du protocole GTP (GPRS Tunneling Protocol, en anglais) affectent les réseaux mobiles et 5G mettant en danger les équipements industriels, les maisons intelligentes et les infrastructures urbaines, selon