BSV
$68.77
Vol 226.33m
-1.94%
BTC
$98906
Vol 116598.91m
3.13%
BCH
$495.14
Vol 2355.29m
9.17%
LTC
$90.14
Vol 1478.9m
7.26%
DOGE
$0.39
Vol 10401.41m
4.05%
Getting your Trinity Audio player ready...

Amazon has lost it. At least it did for a couple of hours Tuesday morning. An unidentified hacker was able to exploit a known bug in Internet routing protocols to compromise Amazon’s cloud servers, ultimately stealing about $150,000 in Ether (ETH), the cryptocurrency backed by Ethereum.

The hack took advantage of a weakness of a part of the Internet’s Domain Naming Service (DNS) protocols and allowed the hackers to mimic the cryptocurrency website MyEtherWallet.com. The attack began at around 6:00 AM PST and approximately 1,300 IP (Internet Protocol) addresses were targeted. The addresses reportedly belong to Amazon’s DNS, Route 53.

Amazon refuted the claims. In a statement obtained by Ars Technica, the e-commerce company said, “Neither AWS nor Amazon Route 53 were hacked or compromised. An upstream Internet Service Provider (ISP) was compromised by a malicious actor who then used that provider to announce a subset of Route 53 IP addresses to other networks with whom this ISP was peered. These peered networks, unaware of this issue, accepted these announcements and incorrectly directed a small percentage of traffic for a single customer’s domain to the malicious copy of that domain.”

The hack centers on the Border Gateway Protocol (BGP), part of the DNS system that correlates website names to IP address destinations. The BGP allows network operators the ability to send large amounts of Internet traffic from one location to another. Although it is considered to be a critical component of the Internet, it relies on open DNS systems that rely on a “trust factor” whereby entities are assumed to be who they say they are. The bug has been around for years, but no patch has yet to be created.

Last year there were two BGP-based attacks. The first occurred in April and involved traffic from Symantec, MasterCard and Visa. The second took place in December, and impacted Facebook, Apple, Microsoft and Google.

This latest attack was traced to a server in Russia by security researchers. $150,000 is a substantial amount to lose, it’s nothing compared to what was revealed to be held in the destination wallet. The researchers determined that the hacker’s wallet contained $17 million worth of digital currency.

Recommended for you

Blockchain enables autonomous AI agents to learn
Utilizing blockchain tech, a group of Belgian scientists enabled autonomous AI agents to learn and communicate securely, contributing to the...
September 17, 2024
WhatsOnChain gets own UTXO endpoints for BSV blockchain services
With ElectrumX set to retire in October, WhatsOnChain is gearing up to implement a new UTXO set of API endpoints,...
September 16, 2024
Advertisement