Hacker Group Robbed Crypto Exchanges of $200 Million


According to a report published by top cybersecurity firm ClearSky, a hacking group known as CryptoCore has stolen more than $200 million from several crypto exchanges since 2018.
The hacking group is reportedly operating somewhere out of Eastern Europe, Romania, Russia, or Ukraine. The notorious group is also known as “Dangerous Password” or “Leery Turtle”.
It has used spear-phishing emails and social engineering techniques to gain access to the accounts and email IDs of employees and executives of crypto exchanges in China, the US, and Japan.
As per the report, although the group has managed to steal more than $200 million so far, it is not especially advanced technically. Its notable traits are being ‘swift’, ‘persistent’, and ‘efficient’.
Modus Operandi of CryptoCore
The group uses a spear-phishing technique to access cryptocurrency wallets belonging to the exchanges. They send emails to the employees of the company, posing as a top executive or a close associate of the firm.
Once the email is opened, the employee's account is compromised: the group installs malware, obtains the password of the account, and then steals all the private keys of the crypto wallets. They wait until multi-factor authentication is removed. Once it is removed, the hackers act swiftly to steal the money from the wallets.
The report mentions that the malware they use frequently is called Mimikatz.
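Because the withdrawals follow quickly after multi-factor authentication is removed, that sequence is something a defender can alert on. The Python below is an added example, not code from the ClearSky report or this article; the log format, action names, and 24-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed audit events for illustration: "<timestamp> <account> <action> [amount]".
SAMPLE_EVENTS = [
    "2020-06-01T09:00:00 alice mfa_disabled",
    "2020-06-01T09:20:00 alice withdrawal 12.5",
    "2020-06-01T10:00:00 bob withdrawal 3.0",
    "2020-06-02T08:00:00 carol mfa_disabled",
    "2020-06-02T08:30:00 carol mfa_enabled",
    "2020-06-02T09:00:00 carol withdrawal 1.0",
    "2020-06-03T12:00:00 dave mfa_disabled",
    "2020-06-05T12:00:00 dave withdrawal 7.0",
]


def parse(line):
    """Split one audit line into (timestamp, account, action, amount or None)."""
    ts, account, action, *rest = line.split()
    amount = float(rest[0]) if rest else None
    return datetime.fromisoformat(ts), account, action, amount


def withdrawals_after_mfa_removal(lines, window=timedelta(hours=24)):
    """Return (account, time, amount, delay) for every withdrawal made while
    MFA is off and no later than `window` after it was disabled."""
    mfa_off_since = {}  # account -> time MFA was disabled
    alerts = []
    # Sort by timestamp so out-of-order log delivery does not hide a sequence.
    for ts, account, action, amount in sorted(map(parse, lines), key=lambda e: e[0]):
        if action == "mfa_disabled":
            mfa_off_since[account] = ts
        elif action == "mfa_enabled":
            mfa_off_since.pop(account, None)  # re-enabling MFA closes the window
        elif action == "withdrawal" and account in mfa_off_since:
            delay = ts - mfa_off_since[account]
            if delay <= window:
                alerts.append((account, ts, amount, delay))
    return alerts


if __name__ == "__main__":
    for account, ts, amount, delay in withdrawals_after_mfa_removal(SAMPLE_EVENTS):
        print(f"ALERT {account}: withdrawal of {amount} at {ts}, {delay} after MFA removal")
```

A wider `window` also catches slower follow-ups, at the cost of more alerts to review.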

Jayashree Ingle
CBW - External Analyst
INDIA