dogeapi-heartbleed

DogeAPI users lose Dogecoin due to Heartbleed bug

Last night, Dogecoin API sent out an email to warn that users’ accounts may be vulnerable due to the recently revealed heartbleed vulnerability in Open SSL — a encryption software used widely across the internet.

The email warned users that they should reset their passwords:

DogeAPI was vulnerable to the heartbleed bug in OpenSSL for more than a day. A small number of users accounts were emptied by hackers. We patched the site days ago, but attackers could have potentially stored login credentials during the time we were vulnerable.

Exactly how many were unlucky enough to lose coins is unknown, one Reddit user has come forward to confirm that his account was all but empty after losing roughly 110,000 Dogecoin. They include the below image which shows some of the transactions that were part of the emptying.

dogeapi

The news reaffirms that online wallets are certainly not the safest place to be storing your coins, with even a fairly reputable service like DogeAPI being susceptible thanks to this bug in a third-party piece of software that they make use of.

You can learn more about the Heartbleed Open SSL bug here.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>