Another day, another cryptocurrency cyber-attack has surfaced online. This time, the Liquid cryptocurrency exchange has fallen prey to a security breach.
Liquid Cryptocurrency Exchange Confirmed Breach
In a recent post on the company's website, Mike Kayamori, CEO of Liquid, shared the details of the incident.
As revealed, the Liquid cryptocurrency exchange suffered a security breach after an attacker managed to conduct a DNS hijacking attack.
On the 13th of November 2020, a domain hosting provider “GoDaddy” that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor.
In this way, the attacker succeeded in compromising Liquid's infrastructure and pilfering some of the data.
This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.
Nonetheless, the company quickly detected the intrusion and contained the attack. After regaining domain control and reviewing its systems, Liquid confirmed that the attack did not impact client funds. Cold storage and MPC-based wallets also remained safe.
The compromised data may include personal information such as names, email addresses, encrypted passwords, and addresses. Liquid is still investigating whether KYC documents were also compromised.
Although the exchange has recovered from the cyberattack and has confirmed no loss of funds, the breach of personal information may have an impact on the victims in the long run.
As the service explained in the disclosure, such data leakage makes the victims vulnerable to identity theft and phishing attacks.
Phishing attempts may be more sophisticated and difficult to detect when a malicious actor has access to your personal information.
While customers’ Liquid exchange accounts remained safe because the exchange had encrypted the passwords, the exchange still advises resetting passwords and 2FA credentials.