Search This Blog

Showing posts with label cryptocurrency hack. Show all posts

Teen Hacker Elliott Gunton Taking Cryptocurrency for Stolen Data


In April 2018, Elliott Gunton, a teenager from Norwich, England, was caught by the police on the charges of hacking and his PC was taken hold of by the authorities.

He was convicted at Norwich Crown Court where he admitted five charges which included illegal data exchanges, computer exploitation and money laundering offences.

Gunton was subjected to a three and a half year community  order which kept him from using internet and software and he was made to pay a sum of £407,359 by the court order.

On the charges of stealing sensitive information of people and selling it in exchange of pounds in cryptocurrency, the Norwich Crown Court sentenced him to 20 months imprisonment and let out owing to the time spent on remand.

On the examination of Gunton's computer, it was found that he had scheduled supplies of stolen data of people which included their contact information for malicious purposes like texts to carry out fraud.

At the age of 16, Gunton hacked a telecommunications firm and was found guilty of the same.

The teen made constant and sophisticated efforts to conceal his fraudulent acts and hide the payments from police and therefore he dealt in Bitcoin instead of hard currency. However, he happened to leave behind some parts of conversations where he negotiated criminal deals.

Referencing from a tweet made by Gunton last year, "Having lots of money is cool… but having lots of money without people knowing is cooler." He called himself as a "full-time crypto trader."

Cryptocurrency exchanges losses $40 million to hackers




A cryptocurrency exchange Binance reported a ‘’large scale’’ data breach in which hackers managed to steal 7,000 bitcoins worth of about $40 million.

The company said that hackers used various techniques including phishing, viruses and other attacks to obtain large numbers of user API keys, 2FA codes and other info. 

“The hackers had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” said Binance’s CEO, Changing Zhao.

According to the initial investigation, the hacker attacked through multiple seemingly independent accounts at the most opportune time. 

The company has halted all the withdrawals immediately after the reports of hack. 

In a public statement released by the company,  they admitted that, ’’the transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system.’’

They further added that they need to conduct a thorough security review, and it would include all parts of our systems and data, which might take one week. 

However, till the whole time, deposits and withdrawals will ‘’REMAIN SUSPENDED’’. 






The Ukrainian man stole half a million from crypto-wallets



The man, who stole 500 000 UAH (18 350 USD) from the crypto-wallets of clients of the online cryptocurrency exchange, was detained in the Kiev region.

The Ukrainian cyber police stated that the 35-year-old man provided technical support to the British stock exchange with online cryptocurrency exchange and had access to personal data of customers. He used them to steal from Bitcoin and various Altcoin accounts. Thus, he stole 500 000 UAH for several months.

Theft of cryptocurrency occurred in several stages. At first, the attacker was looking for accounts of clients who for a long time did not open their accounts and did not have a complex authentication system.

After that, the Ukrainian made a substitution of backup e-mail boxes or added them to accounts where they were not specified. Thus, he restored the passwords to the wallets and initiated the debiting of electronic money.

Conversion and withdrawal of money took place through an online exchange.

At the moment the amount of damage is 720 000 UAH (26 400 USD). The received funds the attacker spent on gambling on virtual simulators of slot machines.

Cryptocurrency Trading App Taylor loses 2,578 ETH in hack


The creators of Taylor, a cryptocurrency trading app, have claimed that they have lost about 2,578.98 Ether (which is currently valued at over $1.49 million) from the company’s wallet in an attack by an unidentified hacker.

Taylor posted on Medium on May 22, revealing that they had been hacked and almost all their funds stolen. The company said that apart from the Ether, TAY tokens were also stolen from the Team and Bounty pools, amounting to over 7 percent of the total supply.

“The only tokens that were not stolen are the ones from the Founders’ and Advisors’ pools, because there’s a vesting contract making them inaccessible for now,” the report read.

The company wrote that since they are still investigating the attack, they cannot reveal much, but said, “What we can say is that it was not a smart contract exploit. Somehow the hacker got access to one of our devices and took control of one of our 1Password files.”

Taylor believes that the hacker is the same person or group that hacked CypheriumChain and stole over 17,000 ETH (amounting to about $9 million), as the hacker worked by collecting the amount from multiple sources into a single wallet then transferring it to a bigger wallet, which is allegedly the same wallet where the tokens from the CypheriumChain hack were transferred.

The team also noticed an attempt to dump the stolen TAY tokens on IDEX and asked them to delist TAY until they knew more about the situation, which means that the market is down for TAY and even legitimate token holders cannot trade.

“We are considering to issue a new token and swap the old one,” the company said. “The goal is to make sure the hacker does not receive the new token. We analyzed all transactions made by him, and we know exactly where the stolen tokens are.”

Taylor warned token owners to stop all trading of TAY tokens until more information is revealed and new tokens are sent out, “otherwise, you may lose your money and will not be able to receive the new token.”

“We reassure that we will spare no efforts to find a way to mitigate the implications of this incident for every single legit token holder. We are not going anywhere!” the company said after the attack.

Japan Cryptocurrency Exchange Coincheck starts refunds for $530m hack

The cryptocurrency exchange that fell to a hack of about $534 million in January this year has now started reimbursing the affected customers that lost fund in the hack.

In its blog post, Coincheck said that it will refund users as per its original compensation plan at the rate of 88.549JPY ($0.83) per NEM stolen and that to qualify for reparations, users must have held that amount of NEM on their platform at 23:59:59 JST on 26 January, 2018.

The total amount reimbursed will equal to about $420 million.

After the hack, Coincheck had imposed restrictions on trading and withdrawal of some cryptocurrencies on the exchange. The company is now going to lift some of these restrictions to allow for withdrawals and sales, according to another blog post.

It also said that it is working on evaluating the risks associated with each currency and will “confirm the technical security of our systems regarding these currencies in order to resume normal operations.”

The exchange also plans to resume deposits and purchases of all currencies, and open for new registrations once security and management systems have been updated.

“Once again, we would like to apologize for the inconveniences that the illicit transfer of NEM from out platform and the resulting suspension in services has caused our customers and anyone else affected by this incident. Thank you for your patience,” the company said in its blog post.