11-21-2024
BSV
$67.48
Vol 206.37m
0.8%
BTC
$98196
Vol 123277.23m
4.31%
BCH
$484.9
Vol 2173.94m
11.29%
LTC
$88.97
Vol 1405.42m
6.71%
DOGE
$0.38
Vol 9353.04m
3.65%
Getting your Trinity Audio player ready...

Amazon has lost it. At least it did for a couple of hours Tuesday morning. An unidentified hacker was able to exploit a known bug in Internet routing protocols to compromise Amazon’s cloud servers, ultimately stealing about $150,000 in Ether (ETH), the cryptocurrency backed by Ethereum.

The hack took advantage of a weakness of a part of the Internet’s Domain Naming Service (DNS) protocols and allowed the hackers to mimic the cryptocurrency website MyEtherWallet.com. The attack began at around 6:00 AM PST and approximately 1,300 IP (Internet Protocol) addresses were targeted. The addresses reportedly belong to Amazon’s DNS, Route 53.

Amazon refuted the claims. In a statement obtained by Ars Technica, the e-commerce company said, “Neither AWS nor Amazon Route 53 were hacked or compromised. An upstream Internet Service Provider (ISP) was compromised by a malicious actor who then used that provider to announce a subset of Route 53 IP addresses to other networks with whom this ISP was peered. These peered networks, unaware of this issue, accepted these announcements and incorrectly directed a small percentage of traffic for a single customer’s domain to the malicious copy of that domain.”

The hack centers on the Border Gateway Protocol (BGP), part of the DNS system that correlates website names to IP address destinations. The BGP allows network operators the ability to send large amounts of Internet traffic from one location to another. Although it is considered to be a critical component of the Internet, it relies on open DNS systems that rely on a “trust factor” whereby entities are assumed to be who they say they are. The bug has been around for years, but no patch has yet to be created.

Last year there were two BGP-based attacks. The first occurred in April and involved traffic from Symantec, MasterCard and Visa. The second took place in December, and impacted Facebook, Apple, Microsoft and Google.

This latest attack was traced to a server in Russia by security researchers. $150,000 is a substantial amount to lose, it’s nothing compared to what was revealed to be held in the destination wallet. The researchers determined that the hacker’s wallet contained $17 million worth of digital currency.

Recommended for you

David Case gets technical with Bitcoin masterclass coding sessions
Whether you're a coding pro or a novice, David Case's livestream sessions on the X platform are not to be...
November 21, 2024
NY Supreme Court’s ruling saves BTC miner Greenidge from closing
However, the judge also ruled that Greenidge must reapply for the permit and that the Department of Environmental Conservation has...
November 20, 2024
Advertisement
Advertisement
Advertisement