Secure Digital Markets Partners with BlockQuake on Regulated Digital Asset Exchange Alternative for Institutions & Retail Traders
[ Back To TMCnet.com’s Homepage ]
Someone Has Been on a $200M Crypto Exchange Hacking Spree
A cybercriminal group has allegedly stolen around $200 million from cryptocurrency exchanges over the past two years. In total, they are believed to have hit 10 – 20 victims across the United States, the Middle East, and Asia.
According to research by the cybersecurity firm ClearSky, the gang named “CryptoCore,” known with other pseudonyms like “Dangerous Password” and “Leery Turtle,” has been actively targeting crypto firms since 2018 — specifically exchanges.
They confirmed that CryptoCore stole $200 million from at least five victims, several of whom were located in Japan.
The names of targeted crypto exchanges were not revealed due to non-disclosure agreements with the victims. It is believed that the total number of targets could be as high as 20 in total.
The cybersecurity firm believes CryptoCore may have links to the Eastern European region, Ukraine, Russia, or Romania.
The hackers used spear-phishing attacks to gain access to crypto exchanges’ wallets. In some cases, they may have targeted executives’ personal email accounts.
The report details that spear-phishing attacks are “typically” carried out by impersonating employees, mostly those who have a high-ranking role within the company or from another organization like the advisory board.
Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, provided some comments regarding spear-phishing attacks like CryptoCore did:
“Some phishing campaigns consist of non-targeted mass emails sent to a large number of people. Others, however, are crafted to target specific individuals – a company executive, for example. This known as spear phishing and, because the actor may have spent time collecting information about the individual being targeted, the emails can be extremely convincing.”
Callow also adds:
“Many security incidents and data breaches start with phishing emails. Phishing campaigns are typically designed to either collect logins – for example, by directing the recipient to a fake banking site – or to deliver malware via malicious attachments. In either case, the end result can be the same: a compromised network.”
North Korean hacking team, Lazarus Group, targeted several crypto exchanges last year, as per a Chainalysis report. One of the attacks involved the creation of a fake, but realistic trading bot website that was offered to employees of the DragonEx exchange.
Recently, Cointelegraph reported on a study that warned of a massive phishing campaign that could be launched by Lazarus soon. This could allegedly target six nations and over 5 million businesses and individuals.
DSLA Listing Announcement
🙌 Support for DSLA has grown tremendously over the past few weeks.
We are pleased to inform the community that, a couple days after hitting the $1,000,000 market capitalization, the DSLA utility token will be listed on the ProBit cryptocurrency exchange on Tuesday, June 30th, 2020 at 5pm KST ! 🎉
ProBit is a Top 4 South Korean cryptocurrency exchange 🇰🇷 and Top 30 CoinMarketCap exchange, with more than $40M in daily trading volume.
As one the fastest growing cryptocurrency exchanges this year, ProBit will enable us to further build momentum for DSLA Protocol, DSLA Token and the DSLA family of products, in one of the most important cryptocurrency markets in the world (South Koreans amount for 30% of global cryptocurrency trades).
👉 DSLA will debut trading under the DSLA/USDT pair.
⏰ DSLA Deposits open on Monday, June 29th, 2020 at 5pm KST.
🗣 Original announcement on ProBit: https://support.probit.com/hc/en-us/articles/900001539686.
DSLA Protocol is a decentralized alternative to SLA contracts. It enables anyone to vouch for the reliability of a service, earn rewards when the service performs as expected, and claim financial compensation when the service doesn’t meet expectations.
Currently available in public beta at https://dsla.network, DSLA Protocol will debut on the mainnet in Q4 2020, and will initially focus on securing staking rewards against slashing penalties, and unfulfilled reliability promises in the DeFi and Open Finance industries.
ℹ️ For more information about DSLA Protocol, go to https://stacktical.com.
Cryptocurrency exchanges lose $200 million from CryptoCore hacks
According to security company ClearSky, as a result of hacks performed by CryptoCore, a group of hackers rumored to be based in Eastern Europe, various cryptocurrency exchanges have lost about $200 million, as was reported by ZDNet.
ClearSky seems to have been tracking the hackers since 2018 and linked the group to five hacks of cryptocurrency exchanges, with another 10-20 platforms remaining as potential targets of CryptoCore. Between July 2018 and March 2020, the group performed successful hacks of online exchanges located in the US, Japan, and the Middle East.
Despite being active for more than two years, ClearSky noted that hackers have been using the same strategies to perform their attacks. Firstly, the group collects information about their targets, then launch phishing attacks on personal email addresses, and then ending with targeting business accounts.
Personal accounts of company employees are typically less secure, which is why they become the first target of hackers. If the attack is successful, hackers can plant malware on the user’s computer and gain access to corporate accounts and passwords.
It seems that cryptocurrency exchanges are the favorite target of CryptoCore, but they are not alone in their pursuits. A group of hackers from North Korea is also reported to repeatedly attack cryptocurrency exchanges and is believed to have stolen $571 million between January 2017 and September 2018.