BitCoin forum hacked by donor

By on
BitCoin forum hacked by donor

Update: A hacker has used a zero day flaw to steal email addresses, hashed passwords and read personal messages from the bitcointalk.org forum.

Forum administrators said the attacker gained root access and was able to run arbitrary PHP code.

The attacker gained access on 3 September and was not detected until the attacker injected "annoying JavaScript" into the forum pages a week later.

According to website buttcoin.org, the Javascript splashed actor Bill Cosby across the forums and replaced all references to BitCoin with CosbyCoin.

It has posted screenshots of the hack.

The forum was shut down and migrated to a new host.

The attacker launched a SQL injection to exploit a vulnerability that existed because the forum software did not handle escape characters in username details correctly.

The attacker purchased a donor account to gain the access privileges required to illegitimately change usernames, then hijacked the account of administrator Satoshi.

From there, the attacker injected arbitrary PHP code into the site by modifying a style template.

Bitcointalk identified a series of compromised accounts and IP addresses that appeared to be used in  the attacks.

Passwords were hashed with the popular SHA-1 function and salted by combining them with usernames -- an ineffective method used by the Simple Machines Forum software.

"It is not known for sure that the attacker copied any password hashes, but it should be assumed that he did," administrators said.

Administrators urged users to change passwords and be alert to BitCoin-related phishing scams.

"Change your password. If you used the same password on any other sites, you should change the password on those sites as well," they advised.

BitCoin is a digital, peer-to-peer currency that can be traded for national currencies – including those of the US, Poland, Britain and the European Union – via various online exchanges.

Earlier this year, more than 61,000 usernames, email addresses and hashed passwords were stolen from the popular BitCoin exchange Mt.Gox.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
bitcoin hacking security

Partner Content

How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Ingram Micro Ushers in the Age of Ultra

Ingram Micro Ushers in the Age of Ultra
Australian MSP Index launched

Australian MSP Index launched

Log in

Email:
Password:
  |  Forgot your password?