CUNA’s CULedger is a pilot research-to-action initiative that is investigating the viability and risks of a private, permissioned distributed ledger (DLT). As Bitcoin technology becomes more accessible to consumers, hackers are becoming more interested and creative.
Last week, KeepKey, a vendor of Bitcoin hardware wallets, notified users of a security breach that inadvertently exposed some of its customers’ details. According to Darin Stanchfield, KeepKey founder and CEO, the attack took place on Christmas Day, when an unknown attacker activated a new phone number with Stanchfield’s Verizon account.
This allowed the attacker to request a password reset for his Verizon email account, but receive the password reset details on the newly activated phone number. A few minutes later, the attacker had accessed Stanchfield’s email account and proceeded to request password resets for several services where the KeepKey founder had used that email address to register profiles.
In no time, the attacker had taken over several of Stanchfield’s accounts on other sites, such as KeepKey’s official Twitter account, and several of KeepKey’s side services, such as accounts for sales distribution channels and email marketing software. In less than an hour after the attack started, Stanchfield discovered the breach and started working with his staff to regain access to the hijacked accounts, while also blocking the intruder from hacking into others. Read more at BleepingComputers