Hacked: Hacking Finance


Bitcoin Wallet Provider Blockchain.info Suffers DNS Hack Attack

Posted on .

Bitcoin Wallet Provider Blockchain.info Suffers DNS Hack Attack


This article was posted on Thursday, 17:48, UTC.

Blockchain.info suffered a domain name system (DNS) hacking yesterday that sent users to the wrong servers, exposing bitcoin users’ passwords. Blockchain.info took its website offline for several hours to restore its service. The problem has been corrected and the website is now functioning.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //


The hack occurred around 11:00 GMT as the DNS information switched from Cloudfare to a cheap host provider in Tulsa, Okla. in the United States.

Bitcoin users immediately began warning one another on Twitter and Reddit. Blockchain took itself offline to reclaim its DNS records and direct users to the proper servers.

Blockchain Advises Users

Blockchain tweeted that it was researching a DNS issue and looking into it at 6:26 a.m. and tweeted several updates until 2:01 p.m., when it noted the services were restored and running normally.

Blockchain also confirmed the attack on Reddit and stated it would be several hours before service would be fully restored.

One Reddit post noted that with such an attack, funds are at risk, and that API requests and logins could have ended up being redirected to a server hosted by another party.

DNS hacks can allow an attacker to direct a site’s visitors to the wrong IPs. An attacker can collect login credentials for every user authenticating on the false portal.

Also read: Blockchain.info vs. the block chain: Redditors express discontent

Password Protection Urged

Users accessing Blockchain during the attack were advised to change wallet passwords immediately, Softpedia noted. Users of desktop and mobile apps who use the Blockchain API, which queries the same DNS server, should do the same thing.


Blockchain regained access to its DNS records at about 21:00 GMT and issued a statement, noting they took immediate action to resolve the issue. The statement said they were waiting for the DNS to propagate universally across the web before restoring services. Once the DNS propagated, service would be restored as soon as possible. Blockchain.info apologized for the inconvenience.

Softpedia confirmed late yesterday that the Blockchain website was functional and its DNS records pointed to the proper servers.

Blockchain, Softpedia noted, was served from two IPs, and, and loaded from the following DNS servers:

Name Server: DED88057-1.HOSTWINDSDNS.COM
Name Server: DED88057-2.HOSTWINDSDNS.COM

DNSStream (1.2). and OpenDNS also detected the attack.

Images from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Lester Coleman

Lester Coleman

Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.

There are no comments.

View Comments (0) ...
Recent reports showed that attackers are leveraging the vulnerability of…