Eastern European cybercriminals were responsible for stealing more than $200 million from cryptocurrency exchanges based in Japan, the United States, and Israel, according to a new report.
According to the report by the cybersecurity firm ClearSky, an unidentified Eastern European cybercriminal group referred to as “CryptoCore” has been hacking digital asset exchanges since the start of 2018 and continues to do so to this day. The research outlined that the ongoing increase in digital assets has made it hard for exchanges to stay under the radar when it comes to constant hack attacks. Threat actors of all types try to infiltrate corporate networks for ransomware, theft, and reconnaissance, and to steal money from exchanges, especially from the hot wallets of the users.
Cybercriminals target digital asset platforms because they believe these platforms are more vulnerable to attacks than banks and other traditional financial institutions, according to the report. Cryptocurrency exchanges have improved their countermeasures because of the huge number of attacks against them, but the total amount stolen in crypto frauds and thefts up to this day equals $1.4 billion. ClearSky added that the blockchain's merit of having all transactions visible on the network is not very useful when trying to find stolen funds:
“At first, it seems easier to track the stolen money through blockchain; identifying and attributing wallets to entities and individuals is generally more difficult.”
The paper also outlined that more than $200 million was stolen by the hackers and that about $70 million came from Israeli crypto exchanges. According to the cybersecurity company, the CryptoCore operation included an extensive reconnaissance phase against the potential victims. Aside from observing the vulnerabilities on the platform, the group examined all executives, IT personnel, and other company officials.
The most commonly used method of infiltration was spear-phishing against the corporate network and the email accounts of the employees. This method is typically carried out by impersonating higher-ranking employees from the same company or from a similar one with connections to the victims. The primary goal is to gain access to the password manager account, where the keys to crypto wallets are often kept. The group then remains undetected and maintains persistence until the multi-factor authentication on the exchange’s wallet is removed.
The CEO of ClearSky, Boaz Dolev, believes that the group doesn’t really have advanced capabilities, but it acts systematically, and that’s why they succeed.