DNS attacks can manifest themselves in many ways, all targeted against the Domain Name System that connects the internet. At best they’re an inconvenience, knocking websites offline or preventing access, and at worst they’re costly, as this week’s $150,000 Myetherwallet hijack demonstrated. When you’re interacting in the crypto space, here are a few ways to protect yourself against DNS attacks.
Also read:
How DNS Attacks Work
In the aftermath of Tuesday’s DNS attack, which affected a string of major websites and proved particularly costly to some , Cloudflare published a report. “BGP leaks and cryptocurrencies” how the attack went down, and how the attackers were able to exploit vulnerabilities in the DNS system. BGP is the Border Gateway Protocol, a standardized gateway for routing information from one part of the internet to another.
With over 700,000 possible routes, there’s a lot of ways to get from A to B or Z or any letter in between. Most of the time, all of these chains, operated by different internet providers, communicate just fine, but occasionally things go wrong. Usually these leaks are localized and are the result of a configuration mistake. But as Cloudflare explains, “Sometimes [a BGP leak] is done with a malicious intent. The prefix can be re-routed through in order to passively analyze the data”. It continues:
During the two hours leak the servers on the IP range only responded to queries for myetherwallet.com. As some people noticed SERVFAIL. Any DNS resolver that was asked for names handled by Route53 would ask the authoritative servers that had been taken over via the BGP leak. This poisoned DNS resolvers whose routers had accepted the route.
Anyone connecting to a DNS resolver that had been poisoned during the attack would have been rerouted to a fraudulent Russian provider instead.
How to Detect DNS Attacks
The good news is that in most cases identifying the signs of BGP hijacking doesn’t call for a Master’s in internet protocol architecture. The first clue that something is amiss can be found by glancing at the https lock in your browser. It should be green, to denote that the certificate for the website you’re accessing is trusted. If it’s red or you’re presented with a warning message, don’t proceed just because the URL you’re loading is correct.
One of the victims of Tuesday’s Myetherwallet attack was shown a warning that their connection to the site was not secure but confessed: “Even though every part of my body told me not to try and log in, I did.” Due to notification fatigue, it’s easy to dismiss warning messages without paying them attention, but not all notifications are spammy: some are vital, and should be overridden at your peril.
Cloudflare explains: “If you were using HTTPS, the fake website would display a TLS certificate signed by an unknown authority (the domain listed in the certificate was correct but it was self-signed). The only way for this attack to work would be to continue and accept the wrong certificate. From that point on, everything you send would be encrypted but the attacker had the keys.”
Stay Vigilant and Control your Crypto
Sites such as enable web users to check whether they recognize the name and IP of the server they’re connecting to, which will often be your ISP. Beyond that, unfortunately, there is little that the average web user can do, for the onus is on web admins to monitor their site for evidence of BGP leaks. Given the risks of storing cryptocurrency on centralized exchanges, and of interacting with websites such as Myetherwallet and decentralized exchanges like Etherdelta, both of which have fallen victim to DNS attacks, investors are left with few options. Crypto projects such as REMME are that will alert users to DNS attacks on cryptocurrency exchanges, but its implementation is still some way off.
The only way to ensure your crypto remains your crypto is to store it in a secure hardware wallet that is not connected to the internet. But to acquire those coins in the first place, you have to connect to the internet. For practical reasons, it is essential that you are able to go about your daily business without constant fear of having your web traffic hijacked, poisoned, or spoofed. But when accessing online wallets and exchanges, be sure to check that the https lock is in place. If your gut is telling you something is wrong, trust your instincts and heed the warning signs. It might just save your crypto.
Do you think DNS attacks are on the rise? Let us know in the comments section below.
Images courtesy of Shutterstock.
Need to calculate your bitcoin holdings? Check our section.
The post appeared first on .
Leading Swiss coffee brand unveils Crypto Valley-first loyalty token at Blockchain Summit in Zug
Zug, Switzerland – April 26th, 2018 – Chilled coffee producer, Lattesso, has today unveiled the Crypto Valley’s first loyalty token at the Blockchain Summit in Zug, showcasing the industry’s first proof of concept.
The Lattessocoin, Lattesso’s virtual token, is based on the qiibee system, a specialized platform for loyalty programs on the established Ethereum blockchain. From the end of May, every cup of Lattesso will come with a code which entitles customers to free Lattessocoins, which are stored on the blockchain and accessible via a user-friendly web app with no expiration dates, conditions or restrictions.
Erich Kienle, CEO of Lattesso, described the collaboration as a “pioneering achievement”.
“We are very pleased to present this world-first in Zug’s Crypto Valley, the worldwide blockchain hotspot,” he said.
Lattesso wants to make the benefits of tokens accessible to the public by adopting blockchain technology to power its customer loyalty program. In contrast to traditional loyalty programs, the Lattessocoin connects a fragmented market, increases its efficiencies, and cuts out the central data authority by being on the blockchain.
Co-founder and CEO of qiibee, Gabriele Giancola, said: “Customers worldwide are familiar with air mile programs and loyalty points, and although these are important practices for retailers and brands, customers are limited and restricted in how they can utilize their points and rewards. Now Lattesso customers will be able to exchange their loyalty points for cryptocurrencies from their smartphones.”
Tokens from all qiibee partners are exchangeable, which means that Lattesso customers can exchange their loyalty points not just for coffee, but also benefit from a variety of other offers in the future. Customers can also exchange their tokens for cash.
Cryptocurrencies and tokens, including Lattessocoins, are also freely tradeable, with demand determining the price.
About qiibee
qiibee, the decentralized, blockchain-based loyalty ecosystem, provides a loyalty platform and developer interface on which every loyalty application can be tokenized.
qiibee started its journey in the loyalty market with a multi-branded, multi-activity loyalty program which brands could use to reward their customers for activities such as shopping, or creating and engaging with content. Founded in 2015 by Gabriele and Gianluca Giancola, the qiibee prototype was launched in late-2016 with 100,000 active customers in Switzerland, making up approximately 1% of all internet users in the Alpine nation.
About Lattesso
The Lattesso brand was launched in 2013 by Erich Kienle, owner and founder of Innoprax. Lattesso, one of Switzerland’s leading cold coffee beverages, is the only brand with a 100% natural recipe without artificial additives, and an unmistakably fragrant coffee aroma. Lattesso is also exported to Germany, Austria, Belgium and Russia.
News Release: The financial industry is altering. Gone are those days when it held monopoly over whose as well as exactly what funds to keep when to exchange them. Thanks to blockchain innovation, power is being vested in the hands of economic representatives. Nevertheless, the potentials of this power is yet to be truly released for […]
The blog post showed up initially on .
Published at Thu, 26 Apr 2018 18:11:14 +0000
