Users of Bitcoin-pushing shopping marketplace Purse.io were the targets of a hack originating from unauthorized password reset emails that affected 11 users in total with 10.235 bitcoin withdrawn due to the compromise.
Purse.io users were the target of hackers who may have gained access and compromised a third-party email service provider user by the company, by its own statement released on its blog.
Purse.io has since confirmed the compromise of users’ wallets and has also stated that all affected user accounts have been reimbursed.
The company has experience in successfully dealing with and avoiding scams that unsurprisingly target Amazon – the world’s most visited online marketplace.
The first signs of the theft came to light after a user took to Reddit to report unauthorized withdrawals from the user’s Purse.io wallet.
Here’s how the hack occurred:
- Users received an email asking for their account passwords to be changed.
- Soon after, the targeted users also received a withdrawal request (after the compromise of the password).
- Moments later, a withdrawal confirmation came along, confirming the theft.
Akreider, the Reddit user further added that the hacker took all of 19 seconds to receive and confirm the withdrawal emails with the entire process from the password compromise to the theft taking 2 minutes.
Not long after answering users’ concerns within the Reddit thread, Purse.io released a statement on its blog while the website was taken down for temporarily during an investigation looking into the compromise.
We have received word today of unauthorized password reset notification emails. We are aware of the issue and have secured all funds. All user balances are accounted for and upon completing our investigation, service will resume shortly.
The website was back up and running soon after, with another blog post confirming the possible compromise of an email service provider that was possibly targeted by the attacker(s).
We discovered this quickly, secured funds, and reset tokens for affected users. All funds are secure, and service has been resumed.
To ensure that the same accounts aren’t compromised again, Purse.io added that users who were the recipients of the compromising password reset emails will need to reach out to Purse.io support for further verification before they are granted login access to accounts.
Purse.io added that it’s looking to make two-factor authentication mandatory for user accounts while confirming that additional technical details of the compromise will be revealed soon.
Altogether, the company stated that 11 users were affected and 10.235 bitcoins were withdrawn without users’ consent. Purse.io confirmed that the compromised users have been reimbursed, and their accounts have since been secured.
Images from Shutterstock.