Blockchain.info platform suffers DNS attack, forcing it to be offline for several hours

Blockchain.info reported yesterday that their platform was hit by a DNS attack, which forced the platform offline for several hours.

Blockchain.info, a popular Bitcoin wallet service provider and blockchain query website, has recently fallen victim to a cyberattack. The website reported yesterday that a security vulnerability had occurred on the platform, which affected its DNS servers.

According to the company’s statement, the attack occurred at around 5:42 Eastern Time (US) when an unknown attacker attempted to access the DNS server belonging to Blockchain.info. The attack caused the platform’s service to be temporarily suspended, but it was soon fixed by the Blockchain team.

The company claimed in a blog post that the attack targeted the company’s DNS registration system and did not threaten Blockchain’s servers. However, the attack disrupted the platform’s service for seven hours, preventing customers from accessing the website.

Details of DNS attack on Blockchain.info

The Blockchain.info team was very sophisticated in dealing with the DNS server attack. As soon as the attackers changed the platform's DNS server, the company's infrastructure team discovered it. Immediately, the team shut down the entire website and launched an investigation into the incident. During the investigation, the company's team discovered that the DNS server was accessed by the hackers after the DNS registration system was compromised.

Once the vulnerability path is recognized by the system, the DNS system can only manually gain control of the affected server to restore it.

The attackers were found to have used a self-signed SSL certificate, which allowed Blockchain wallet users to remain undetected during phishing attacks. To prevent similar attacks in the future, the platform has introduced an additional offline control. Even if the system is exploited by an attacker, the infrastructure team can still shut down the entire platform at that time.

This incident reminds us how important cybersecurity is to cryptocurrency platforms. If the hack went undetected, the attackers could easily change the address that users use to log into Blockchain.info and obtain the user's login credentials in the process. With these stolen credentials, the attackers could even steal Bitcoin from the user's wallet.