The DNS server of Black Wallet was hijacked by a hacker such that whenever a user logs into the web-based wallet, the injected code directs the Stellar Lumens (XLM) coins – as long as more than twenty are held – to another wallet. It is estimated that about 700,000 Stellar Lumens coins, worth approximately $400,000, has been stolen till now.
The Black Wallet team has sent out warnings and alert messages to the users of Stellar coins via Stellar Community, Reddit, GitHub, Twitter, and Galactic Talk.
The Stellar community followed the address of the hacker and identified that the coins are being moved to the Bittrex exchange. Assuming the motive of the hacker is to exchange the coins and bury the tracks, the Stellar community has got in touch with Bittrex in an effort to block the hacker’s account.
The Black Wallet admin has also issued a statement on Reddit, asking Stellar coin holders to move their funds to a new wallet using the Stellar account viewer. At the time of publishing this article, the Black Wallet website is offline (404 error).
Kevin Beaumonth, a cybersecurity expert tweeted
“The DNS hijack of Blackwallet injected code, if you had over 20 Lumens it pushes them to a different wallet.”