Home Cyber Attack Liquid Cryptocurrency Exchange Suffered A Security Breach
Cyber AttackHacking NewsLatest Cyber Security News | Network Security HackingNews

Liquid Cryptocurrency Exchange Suffered A Security Breach

by Abeerah Hashim
written by Abeerah Hashim
Polygon blockchain vulnerability

Another day, another cryptocurrency cyber-attack has surfaced online. This time, the Liquid cryptocurrency exchange has fallen prey to a security breach.

Liquid Cryptocurrency Exchange Confirmed Breach

In a recent post on their website, Mike Kayamori, CEO of Liquid shared the details of the incident.

As revealed, the liquid cryptocurrency exchange suffered a security breach as an attacker managed to conduct a DNS hijacking attack.

On the 13th of November 2020, a domain hosting provider “GoDaddy” that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor.

In this way, the attacker succeeded in compromising liquid infrastructure and pilfering some of the data.

This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.

Nonetheless, the company quickly detected the intrusion and contained the attack. After regaining domain control and reviewing their systems, Liquid confirmed that the attack did not impact the client funds. Cold storage and MPC-based wallets also remained safe.

Regarding the compromised data, it may include personal information such as names, email addresses, encrypted passwords, and addresses. Whereas, Liquid is further investigating the matter to know about the possible compromise of KYC documents.

What Next?

Though, the exchange has recovered from the cyberattack and has also confirmed no loss of funds. Yet, the breach of personal information may have an impact on the victims in the long run.

As the service explained in the disclosure, such a data leakage makes the victims vulnerable to identity theft and phishing attacks.

Phishing attempts may be more sophisticated and difficult to detect when a malicious actor has access to your personal information.

While the customers’ Liquid exchange accounts remained safe as the exchange had encrypted the passwords, they still advise resetting passwords and 2FA credentials.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Multiple Vulnerabilities Found In Forminator WordPress Plugin

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

1 comment

Andron November 23, 2020 - 1:21 pm

Know more about Utopia`s Crypton and join Utopia

Comments are closed.