A report by a security firm shows that a group of cyber criminals known as the CryptoCore hackers has been raiding crypto exchanges. They managed to amass around $70 million and left a $200 million trail of damage in the wake of the attacks.
The detailed report can be seen on Clear Sky Security, where the CryptoCore hackers are described as individuals who are based primarily in Eastern Europe, with links to Russia, Romania and Ukraine.
The group appears to mainly target cryptocurrency exchanges and has so far attempted to execute the majority of these attacks in Japan as well as the United States.
The CryptoCore hackers may be holding on to around $70 million worth of crypto holdings from raids carried out since they became active in 2018. The cumulative raids, as the firm said, add up to $200 million in total.
“This group is not extremely technically advanced, yet it seems to be swift, persistent and effective, nevertheless. We assess it to be active at least since May 2018, and it maintained steady activity since then. Its activity has receded in the first half of 2020, one possible reason being the limitations induced by the COVID-19 pandemic, but it didn’t stop completely.”
According to the report, the CryptoCore hackers use spear-phishing attacks, sending employees emails that appear to come from high-ranking exchange staff. Their goal is to “gain access to cryptocurrency exchange wallets,” whether they are general corporate ones or “wallets belonging to exchange’s employees.”
If an attack succeeds, the group then looks to gain access to “the victim’s password manager account.” From there, they can access various wallet keys and use malware as part of their campaign. The security firm noted that the CryptoCore hackers are quick to respond to efforts against them and fight back.
“The group is generally quick to register and employ new domains and links. […] In one case, a new domain was registered. We alerted the client, and within 30-40 minutes their systems identified an attack from that new domain,” the authors of the report concluded.
This is not the first time a group of organized hackers and cyber criminals has raided exchanges, and it will probably not be the last.