On the Bitcoin forum Bitcointalk.org, administrator Theymos yesterday announced that an attacker had leveraged a flaw in the forum's AnonymousSpeech registrar to change the forum's DNS to point to 18.104.22.168 (h/t Computerworld).
"Because the HTTPS protocol is pretty terrible, this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc.," Theymos wrote. "Your password only could have been intercepted if you actually entered it while the forum was affected. I invalidated all security codes, so you're not at risk of having your account stolen if you logged in using the 'remember me' feature without actually entering your password."
The admin also noted that the forum was simultaneously targeted by a massive DDoS attack. "These two events are probably related, though I'm not yet sure why an attacker would do both of these things at once," he wrote.
While the forum has been transferred to a different registrar, Theymos noted that the change would take about 24 hours to propagate.