The owner of a Los Angeles-based hosting company, Chunk Host, received a strange email in regards to a password change he never authorized. The breach lead to a bitcoin security scare.
Chunk Host specializes in selling inexpensive private digital hosting on fast hardware.
The owner of the hosting company, Nate Daiger, found that the email was sent by SendGrid, a company that ensures important emails go through to organizations. Chunk Host uses SendGrid for their email purposes.
Daiger found the password reset email puzzling, as he rarely uses his SendGrid account. This set off an alarm in his mind that someone may be trying to hack his information.
Both company’s remain unclear as to exactly how the attack occurred, but are working together to find out. Daiger believes that the attacker convinced a customer service representative at SendGrid to gain the email access. Contrarily, SendGrid does not think the attacker socially engineered a representative to gain the email address. Luckily, Chuck Host does not appear to have been compromised directly.
For a hacker to compromise the site, they would not need to deal with SendGrid in the first place. Daiger wrote on his company’s blog:
“If it turns out to be some problem on our side, I’ll apologize. But I’m pretty sure it’s not.”
The Chuck Host owner feels the attacker or attackers were able to convince a SendGrid technician to add the email “[email protected]” to Daiger’s account. Daiger’s real email is “[email protected]” The similarity in email names was meant to throw off the technician into thinking the new one was legit.
Chunk Host is not the first institution that utilizes bitcoin to be targeted by hackers. Bitcoin bank Flexcoin was forced to shutdown after a hacker stole 896 bitcoins. Only the bank’s cold storage bitcoins remained. Had security been more strict, Flexcoin would still be open today.
SendGrid assures that they require strict procedures when changing a password, therefore believing the attack was not done from their end.
By the time Daiger received his email, the hackers were in charge of his SendGrid account. Daiger adds that they then initiated password resets on two bitcoin-related Chuck Host customer accounts.
Luckily, the attack failed, as the two customers used a two-factor authentication, requiring the input of a one-time password to obtain access to their accounts.
For more bitcoin news, stay tuned to CoinReport.