Blockchain.info, the largest web-based Bitcoin wallet, suffered a DNS hijacking attack today when users accessing the site were pointed to the wrong servers, exposing visitors to all sorts of attacks.
The incident took place around 11:00 GMT when the site's DNS information changed from CloudFlare to a cheap hosting provider based in Tulsa, USA.
Paranoid Bitcoin users noticed the DNS hijacking right away and started warning each other on Reddit and Twitter.
Blockchain.info took their website offline as they fought to reclaim their website's DNS records and point them to the right servers.
Blockchain users should change their passwords
DNS hijacks are extremely dangerous since an attacker can point a site's visitors to his server where he runs a clone of the original website.
During the time Blockchain.info DNS information led users to the wrong IPs, an attacker could have collected login credentials for everyone authenticating on the fake portal.
Users that accessed Blockchain.info today should change their wallet passwords right away.
The same goes for users of mobile or desktop apps that use the Blockchain.info API, which makes queries to the same DNS server.
Read more:
http://news.softpedia.com/news/bitcoin-wallet-blockchain-info-recovers-from-dns-hijacking-attack-509232.shtml