How 3 hours of inaction from Amazon cost cryptocurrency holders $235,000

DP Administrator, The Domain Guy

DP's CPN (Copy & Paste News) ✌️

Amazon recently lost control of IP addresses it uses to host cloud services and took more than three hours to regain control, a lapse that allowed hackers to steal $235,000 in cryptocurrency from users of one of the affected customers, an analysis shows.

The hackers seized control of roughly 256 IP addresses through BGP hijacking, a form of attack that exploits known weaknesses in a core Internet protocol. Short for border gateway protocol, BGP is a technical specification that organizations that route traffic, known as autonomous system networks, use to interoperate with other ASNs. Despite its crucial function in routing wholesale amounts of data across the globe in real time, BGP still largely relies on the Internet equivalent of word of mouth for organizations to track which IP addresses rightfully belong to which ASNs.

A case of mistaken identity

Last month, autonomous system 209243, which belongs to UK-based network operator Quickhost.uk, suddenly began announcing its infrastructure was the proper path for other ASNs to access what’s known as a /24 block of IP addresses belonging to AS16509, one of at least three ASNs operated by Amazon. The hijacked block included 44.235.216.69, an IP address hosting cbridge-prod2.celer.network, a subdomain responsible for serving a critical smart contract user interface for the Celer Bridge cryptocurrency exchange.


Reference: https://arstechnica.com/information-technology/2022/09/how-3-hours-of-inaction-from-amazon-cost-cryptocurrency-holders-235000


End of DP's CPN (Copy & Paste News) ✌️
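An added example, not part of the original post or the linked article: route origin validation in the style of RFC 6811, the check that replaces BGP's "word of mouth" with signed prefix-to-origin records (ROAs). The ROA entry and the announcement list are constructed for illustration; only the /24 containing 44.235.216.69 and the two AS numbers come from the text above.

```python
import ipaddress

# Constructed ROA table: (prefix, max_length, authorised origin AS).
# Illustrative only, not real RPKI data.
ROAS = [
    ("44.235.0.0/16", 24, 16509),
]

# Constructed sample announcements: (prefix, origin AS).
ANNOUNCEMENTS = [
    ("44.235.216.0/24", 16509),    # expected origin
    ("44.235.216.0/24", 209243),   # same block, unexpected origin
    ("44.235.216.0/25", 16509),    # right origin, longer than max_length
    ("198.51.100.0/24", 64500),    # no covering ROA (documentation ranges)
]


def validate_origin(prefix, origin_as, roas=ROAS):
    """Classify an announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        # A ROA only applies if it covers the announced prefix.
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # Valid needs both the authorised origin and an allowed prefix length.
        if roa_as == origin_as and route.prefixlen <= max_len:
            return "valid"
    # Covered by some ROA but matched by none: reject. Otherwise unknown.
    return "invalid" if covered else "not-found"


def alerts(announcements, roas=ROAS):
    """Return the announcements a monitor should flag for review."""
    return [(p, a) for p, a in announcements
            if validate_origin(p, a, roas) == "invalid"]


if __name__ == "__main__":
    for prefix, asn in ANNOUNCEMENTS:
        print(f"{prefix:<20} AS{asn:<8} {validate_origin(prefix, asn)}")
```

Origin validation checks only the origin AS of a route, not the rest of the AS path, so it is one layer alongside monitoring of announcements for your own prefixes.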

Comments

  • Meh, clickbait. The loss of money is from shitty protocols:

    The phishing contract steals users’ funds using two approaches:
    - Any tokens approved by phishing victims are drained using a custom method with a 4byte value 0x9c307de6()
    - The phishing contract overrides the following methods designed to immediately steal a victim’s tokens:
      - send() - used to steal tokens (e.g. USDC)
      - sendNative() - used to steal native assets (e.g. ETH)
      - addLiquidity() - used to steal tokens (e.g. USDC)
      - addNativeLiquidity() - used to steal native assets (e.g. ETH)

    Just because traffic shows up at the wrong door doesn't mean your shit gets stolen.

    Thanked by 1Pixels