/>
X

Liquid crypto-exchange says hacker accessed internal network, stole user data

Liquid admins said the intrusion was detected before any funds were stolen.
catalin-cimpanu.jpg
Written by Catalin Cimpanu, Contributor on
liquid.png

Liquid, one of today's top 20 cryptocurrency exchange portals, has disclosed a security breach on Wednesday.

In a blog post on its website, the company said that last week, on Friday, November 13, a hacker managed to breach employee email accounts and pivot to its internal network.

The company said it detected the intrusion before the hacker stole any funds, but a subsequent investigation revealed that the attacker was able to collect personal information from Liquid's database that stored user details.

Stolen information included real name, home address, emails, and encrypted passwords.

Liquid CEO Mike Kayamori said the company is still investigating if the intruder was able to steal proofs-of-identity that all users must provide when making their first transaction on the platform.

"We do not believe there is an immediate threat to your account due to our use of strong password encryption. Nevertheless, we recommend that all Liquid customers change their password and 2FA credentials at the earliest convenience," Kayamori said.

Another social engineering attack leading to a DNS hijack

The company blamed the intrusion on its domain name provider, which fell victim to a social engineering attack and incorrectly transferred Liquid's account to the hacker.

Immediately after gaining control of this account, Liquid said the attacker hijacked the company's DNS records, pointing incoming traffic to a server under their control.

The hacker is believed to have used access over the company's DNS records to redirect employees to fake login pages and collect their work email credentials, which they later used to access employee work email accounts, and later pivot to Liquid's internal infrastructure.

DNS hijacking attacks like these are bold, but they have also been very common against cryptocurrency services over the past few years. For example:

Cryptocurrency cyberattacks and breaches of 2019 (in pictures)

Related

Intel puts Ohio factory groundbreaking on hold while Congress sits on CHIPS Act
ohio-expansion-2-16x9-jpg-rendition-intel-web-1648-927

Intel puts Ohio factory groundbreaking on hold while Congress sits on CHIPS Act

Processors
Hybrid work vs the office: Tech workers earn more working from home
A confident Asian woman wearing business clothes speaks toward her laptop in her home office.

Hybrid work vs the office: Tech workers earn more working from home

CXO
Best computer science resources
replace-this-image.jpg

Best computer science resources

Computers & Tech