As multiple sources report, on Saturday, Jan. 13, attackers took control of BlackWallet’s hosting server, changing settings to allow code to run which automatically sent customer balances over 20XLM to an address under the hackers’ control.
Almost 670,000 tokens are currently missing as a result of the attack, likely explaining XLM’s almost 23 percent dive over the past 48 hours.
On social media, desperate efforts to contain the threat before the service was taken offline saw BlackWallet’s developer caution users to move their funds elsewhere if they had entered their wallet information since Saturday.
The developer, known as u/orbit84 on Reddit, wrote:
“I am sincerely sorry about this and hope that we will get the funds back. I am in talks with my hosting provider to get as much information about the hacker and will see what can be done with it. If you ever entered your key on blackwallet, you may want to move your funds to a new wallet using the stellar account viewer…”
0K In Stellar Stolen due to BlackWallet Hack