The Doge Vault online wallet service was hit by attackers recently, resulting in attackers accessing and destroying data.
According to the company, the attack occurred May 11.
“As soon as the administrator of Doge Vault was alerted, the service was halted,” according to a statement by the company. “The attackers had already accessed and destroyed all data on the hosted virtual machines. We are currently in the process of identifying the extent of the attack and potential impact on user’s funds. This involves salvaging existing wallet data from an off-site backup. We will also…be investigating potential attack vectors, and determining the security breach which enabled the attackers to compromise the service.”
The amount of Dogecoins stolen in the attack has not been made public by the company, but estimates by some have put the value of the currency at tens of thousands of dollars.
Earlier this year, Bitcoin exchanges Flexcoin and Poloniex were hit by hackers as well.
“Attackers typically go after two types of targets: one, large amounts of financial data such as Target, Michaels Stores and TJ Maxx; or two, low-hanging fruit like universities that typically do not have strong IT security measures but good amounts of personal data,” said Eric Chiu, president and co-founder of HyTrust. “These new crypto-currency exchanges are a ripe target for both reasons since they can provide a good payday of anonymous digital currency and typically do not have the security measures that say more mature, regulated financial institutions have.”
“Whether crypto-currency, real currency or private customer data, virtualization underpins many critical systems across financial services, retail, government and healthcare organizations,” he said. “Given that virtualization and cloud concentrate systems and data, this also equates to a concentration of risk, resulting in bigger breaches and downtime by compromising hundreds or thousands of VMs rather than one. Protecting the management of virtual infrastructure is imperative given this concentration of risk, especially when these systems play such a huge role in our economy and society.”
Doge Vault has asked customers not transfer any funds to Doge Vault addresses while the investigation is underway. More information regarding the results of the investigation and the company’s “plan of action” will be released in the next 24 to 48 hours, the company said.
Brian Prince is a Contributing Writer for SecurityWeek.Previous Columns by Brian Prince:BlackBerry Fixes Vulnerabilities Related to Heartbleed, FlashDoge Vault Investigates Cyber Attack Microsoft, Adobe Patch Critical Security Vulnerabilities Microsoft Word Vulnerability Used in Targeted Attacks Against Taiwan Heartbleed Vulnerability Still Beating Strong
Tags: NEWS INDUSTRY