Home Security Liquid Cryptocurrency Exchange Suffered A Security Breach

Liquid Cryptocurrency Exchange Suffered A Security Breach


Another day, another cryptocurrency cyber-attack has surfaced online. This time, the Liquid cryptocurrency exchange has fallen prey to a security breach.

Liquid Cryptocurrency Exchange Confirmed Breach

In a recent post on their website, Mike Kayamori, CEO of Liquid shared the details of the incident.

As revealed, the liquid cryptocurrency exchange suffered a security breach as an attacker managed to conduct a DNS hijacking attack.

On the 13th of November 2020, a domain hosting provider “GoDaddy” that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor.

In this way, the attacker succeeded in compromising liquid infrastructure and pilfering some of the data.

This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.

Nonetheless, the company quickly detected the intrusion and contained the attack. After regaining domain control and reviewing their systems, Liquid confirmed that the attack did not impact the client funds. Cold storage and MPC-based wallets also remained safe.

Regarding the compromised data, it may include personal information such as names, email addresses, encrypted passwords, and addresses. Whereas, Liquid is further investigating the matter to know about the possible compromise of KYC documents.

What Next?

Though, the exchange has recovered from the cyberattack and has also confirmed no loss of funds. Yet, the breach of personal information may have an impact on the victims in the long run.

As the service explained in the disclosure, such a data leakage makes the victims vulnerable to identity theft and phishing attacks.

Phishing attempts may be more sophisticated and difficult to detect when a malicious actor has access to your personal information.

While the customers’ Liquid exchange accounts remained safe as the exchange had encrypted the passwords, they still advise resetting passwords and 2FA credentials.

The following two tabs change content below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link

Related Articles

Leave a Comment