The company's says the incident is partly the fault of their registrar
BitInstant is the latest Bitcoin exchange website to fall victim to hackers. The company was forced to shut down its website between Thursday and Monday to address the issue.According to a statement made by the company’s representatives, the attackers haven’t managed to gain access to any personal or transactional information, but they have managed to “walk away” with $12,480 (€9,500) in BTC.
It turns out that the company has been targeted for a long time by “someone using social engineering tactics,” but so far they’ve been unsuccessful.
BitInstant highlights the fact that the incident is the result of social engineering and that no accounts or systems have been compromised through technical means.
The attackers contacted BitInstant’s domain registrar, Site5, and after posing as one of the website’s owners managed to convince the company’s staff to change the primary login email address.
After gaining access to the account, the cybercriminals redirected the DNS by pointing the name server to German website hetzner.de, whose name servers they used to redirect traffic to a hosting provider from Ukraine.
That’s how they managed to lock out BitInstant owners and reset the login for the exchange from which they stole the Bitcoins.
In addition to stealing the Bitcoins, the attackers have also managed to access internal company emails, but no sensitive information has been accessed because of the mandatory use of PGP encryption by members.
“Site5 is denying any damages, but we suspect this was partly their fault,” BitInstant representatives explained.
The company says it will move to a more secure registrar.
The identity of the attackers is unknown, but the web resources they utilized suggest that they’re based in Russia.