Bitcoin is currently used by a number of major online entities as a virtual currency that holds real value. In the past, we have frequently reported instances of Bitcoin fraud and theft. Another has now joined the list, with a hacker stealing more than $12,000 from Bitinstant.
It is significant to note here that Bitinstant itself is one of the major sites using Bitcoin. Apparently, the attack relied on social engineering. The hacker posed as one of Bitinstant’s own employees, using an email address and personal information that were strikingly similar to those of a real Bitinstant employee.
With this information, he went to the domain registrar and had the original account reset to his fake email address. Now that he had access to the Bitinstant domain, he rerouted DNS so that Bitinstant employees could no longer access their email accounts. Then, in three separate transactions, the hacker stole $12,800 from a Bitcoin exchange.
Interestingly, although many incidents of Bitcoin theft have taken place in the past, Bitinstant had not implemented two-factor login authentication. Not only that, the Bitcoin exchange also required only a username and password to let the hacker through.
Recently, Bitcoin has gained significant traction in e-commerce, and is beginning to intrigue the gaming industry – but if existing Bitcoin giants continue to let incidents like this happen, the interest of the rest of the industry is soon going to evaporate.
Courtesy: The Verge