Search This Blog

Showing posts with label cryptocurrency hack. Show all posts

New Wave of Cryptocurrency Misappropriation, Hacking, Theft and Fraud Targeting Users Massively in 2020


Crypto criminals have ramped up cryptocurrency theft, hacking, and fraud by a significant margin in the year 2020. They have amassed a sum of $1.36 billion in ill-gotten crypto from January 2020 to May 2020, according to the blockchain analytics firm. The year 2020 is recorded being on the track to become the second-costliest year of all in the history of crypto; only behind 2019’s record of $4.5 billion. The largest contribution in the year’s ongoing standings came from Chinese scam ‘WOTOKEN’ that allegedly scammed more than 700,000 users and stole over $1 billion worth of cryptocurrencies – 46,000 bitcoin, 2.04 million ethereum, 56,000 bitcoin cash, 292,000 litecoin, and 684,000 EOS.

Cryptocurrency is a virtual or digital currency that uses cryptographical functions to make financial transactions. In order to gain transparency and immutability, it makes use of blockchain technology. It is decentralized in nature as there is no central authority controlling or interfering in the processes that include making cryptocurrency exchanges directly between two parties using private and public keys. Equating to money in the real-world it attracts a large possibility of cyber fraud.

On June 2, 2020, CipherTrace released its Cryptocurrency Crime and Anti-Money Laundering Report covering the global trends and latest developments to fight money laundering, terrorism financing, and sanctions evasion. It highlighted the need for regulation and compliance while reporting that 74% of bitcoin in exchange-to-exchange transactions was the cross border and 88% of funds sent to exchanges in 2019 by US Bitcoin ATMs were offshore. Researchers also noted that phishing sites are the most popular COVID-19 related products marketed on the dark web.

“While only 9.8% of the dark market’s one-hop (direct) interactions went directly to exchanges, 30.7% of its two-hop (once removed) interactions went to exchanges—more than tripling the risk exposure to exchanges,” the report read.

In addition, cryptocriminals are also employing several new malware to target cryptocurrencies, an undocumented Trojan called ‘KryptoCibule’ has been found targeting various cryptocurrencies by replacing wallet addresses and stealing cryptocurrency-related files. Previously reported P2P botnet, FritzFrog attempted to brute-force SSH servers of government, education and medical institutions, and telecom players, with an objective of mining cryptocurrency via XMRig miner. Over two weeks ago, a new botnet, dubbed as TeamTNT was observed stealing AWS credentials from affected servers.

With the old techniques being upgraded and the new ones being continually introduced to mine illicit financial gains, cryptocurrencies have become one of the most increasingly targeted areas at present. Users are advised to stay perceptive to indicatives of criminal behavior.

Teen Hacker Elliott Gunton Taking Cryptocurrency for Stolen Data


In April 2018, Elliott Gunton, a teenager from Norwich, England, was caught by the police on the charges of hacking and his PC was taken hold of by the authorities.

He was convicted at Norwich Crown Court where he admitted five charges which included illegal data exchanges, computer exploitation and money laundering offences.

Gunton was subjected to a three and a half year community  order which kept him from using internet and software and he was made to pay a sum of £407,359 by the court order.

On the charges of stealing sensitive information of people and selling it in exchange of pounds in cryptocurrency, the Norwich Crown Court sentenced him to 20 months imprisonment and let out owing to the time spent on remand.

On the examination of Gunton's computer, it was found that he had scheduled supplies of stolen data of people which included their contact information for malicious purposes like texts to carry out fraud.

At the age of 16, Gunton hacked a telecommunications firm and was found guilty of the same.

The teen made constant and sophisticated efforts to conceal his fraudulent acts and hide the payments from police and therefore he dealt in Bitcoin instead of hard currency. However, he happened to leave behind some parts of conversations where he negotiated criminal deals.

Referencing from a tweet made by Gunton last year, "Having lots of money is cool… but having lots of money without people knowing is cooler." He called himself as a "full-time crypto trader."

Cryptocurrency exchanges losses $40 million to hackers




A cryptocurrency exchange Binance reported a ‘’large scale’’ data breach in which hackers managed to steal 7,000 bitcoins worth of about $40 million.

The company said that hackers used various techniques including phishing, viruses and other attacks to obtain large numbers of user API keys, 2FA codes and other info. 

“The hackers had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” said Binance’s CEO, Changing Zhao.

According to the initial investigation, the hacker attacked through multiple seemingly independent accounts at the most opportune time. 

The company has halted all the withdrawals immediately after the reports of hack. 

In a public statement released by the company,  they admitted that, ’’the transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system.’’

They further added that they need to conduct a thorough security review, and it would include all parts of our systems and data, which might take one week. 

However, till the whole time, deposits and withdrawals will ‘’REMAIN SUSPENDED’’. 






The Ukrainian man stole half a million from crypto-wallets



The man, who stole 500 000 UAH (18 350 USD) from the crypto-wallets of clients of the online cryptocurrency exchange, was detained in the Kiev region.

The Ukrainian cyber police stated that the 35-year-old man provided technical support to the British stock exchange with online cryptocurrency exchange and had access to personal data of customers. He used them to steal from Bitcoin and various Altcoin accounts. Thus, he stole 500 000 UAH for several months.

Theft of cryptocurrency occurred in several stages. At first, the attacker was looking for accounts of clients who for a long time did not open their accounts and did not have a complex authentication system.

After that, the Ukrainian made a substitution of backup e-mail boxes or added them to accounts where they were not specified. Thus, he restored the passwords to the wallets and initiated the debiting of electronic money.

Conversion and withdrawal of money took place through an online exchange.

At the moment the amount of damage is 720 000 UAH (26 400 USD). The received funds the attacker spent on gambling on virtual simulators of slot machines.

Cryptocurrency Trading App Taylor loses 2,578 ETH in hack


The creators of Taylor, a cryptocurrency trading app, have claimed that they have lost about 2,578.98 Ether (which is currently valued at over $1.49 million) from the company’s wallet in an attack by an unidentified hacker.

Taylor posted on Medium on May 22, revealing that they had been hacked and almost all their funds stolen. The company said that apart from the Ether, TAY tokens were also stolen from the Team and Bounty pools, amounting to over 7 percent of the total supply.

“The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now,” the report read.

The company wrote that since they are still investigating the attack, they cannot reveal much, but said, “What we can say is that it was not a smart contract exploit. Somehow the hacker got access to one of our devices and took control of one of our 1Password files.”

Taylor believes that the hacker is the same person or group that hacked CypheriumChain and stole over 17,000 ETH (amounting to about $9 million), as the hacker worked by collecting the amount from multiple sources into a single wallet then transferring it to a bigger wallet, which is allegedly the same wallet where the tokens from the CypheriumChain hack were transferred.

The team also noticed an attempt to dump the stolen TAY tokens on IDEX and asked them to delist TAY until they knew more about the situation, which means that the market is down for TAY and even legitimate token holders cannot trade.

“We are considering to issue a new token and swap the old one,” the company said. “The goal is to make sure the hacker does not receive the new token. We analyzed all transactions made by him, and we know exactly where the stolen tokens are.”

Taylor warned token owners to stop all trading of TAY tokens until more information is revealed and new tokens are sent out, “otherwise, you may lose your money and will not be able to receive the new token.”

“We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder. We are not going anywhere!” the company said after the attack.

Japan Cryptocurrency Exchange Coincheck starts refunds for $530m hack

The cryptocurrency exchange that fell to a hack of about $534 million in January this year has now started reimbursing the affected customers that lost fund in the hack.

In its blog post, Coincheck said that it will refund users as per its original compensation plan at the rate of 88.549JPY ($0.83) per NEM stolen and that to qualify for reparations, users must have held that amount of NEM on their platform at 23:59:59 JST on 26 January, 2018.

The total amount reimbursed will equal to about $420 million.

After the hack, Coincheck had imposed restrictions on trading and withdrawal of some cryptocurrencies on the exchange. The company is now going to lift some of these restrictions to allow for withdrawals and sales, according to another blog post.

It also said that it is working on evaluating the risks associated with each currency and will “confirm the technical security of our systems regarding these currencies in order to resume normal operations.”

The exchange also plans to resume deposits and purchases of all currencies, and open for new registrations once security and management systems have been updated.

“Once again, we would like to apologize for the inconveniences that the illicit transfer of NEM from out platform and the resulting suspension in services has caused our customers and anyone else affected by this incident. Thank you for your patience,” the company said in its blog post.