A DNS hacking led to hackers removing $ 400,000 worth of Stellar Lumen (XLM) coins from portfolios hosted by Blackwallet.co without users As reported by several sources, on Saturday, January 13, attackers took control of the hosting server of BlackWallet, changing the settings to allow the execution of code that automatically sent 20XLM customer balances at an address under the control of hackers.

Nearly 670,000 tokens are currently missing as a result of the attack, which probably explains the nearly 23% dip in XLM over the last 48 hours.

On social networks, desperate efforts the service was taken offline as the developers of BlackWallet were warning users to move their funds elsewhere had they entered their portfolio information since Saturday.

The developer, known as u / orbit84 on Reddit, wrote:

"I am sincerely sorry about this and hope we will recover the I'm in talks with my hosting provider to get as much information about the hacker and I'll see what we can do with it.If you've already entered your key on Blackwallet, you can move your funds to a new wallet using the stellar account viewer … "

A Reddit / Nuclearping user has apparently managed to identify the hosting provider which services BlackWallet as 1 and 1.

If this is the case, the event would be the second incident involving 1 & 1. Last August, the hackers persuaded a customer service representative to relinquish control of the Classic Ether Wallet domain to its own originary currency.

Massive losses of funds and sensitive information about users were stolen.

Meanwhile, developer BlackWallet added a change to his original Reddit message asking community members not to "spread rumors" about the German hosting provider.