
Russians blamed for $530M hack of Japanese cryptocurrency exchange Coincheck – SiliconANGLE News


Russian hackers are now believed to be behind the hacking and theft of around $530 million in cryptocurrency from Japanese exchange Coincheck in January 2018, Japanese media reported Monday.

The hack, the largest single successful theft of cryptocurrency of all time, even beating the better-known hack of Mt. Gox, was originally believed to have been undertaken by North Korean hackers.

The report said the Russia link comes via malware called Smokebot that was previously offered by a Russian hacking group. According to security firm Check Point Software Technologies Ltd., Smokebot is a “backdoor bot agent” that targets the Windows platform. The malware is said to contact a remote server periodically and accept commands that would allow an attacker to perform information stealing, distributed denial-of-service attacks, downloading of malicious files and other actions.

The alleged link may be spurious, however, as the Russian link appears to be nothing more than evidence that Smokebot was offered for sale in 2011 on a Russian-language forum. There’s also some suggestion that the hack could be related to Eastern Europe, but the Russian angle is seemingly based on Cyrillic script appearing in the malware code.

While costly, some good did come from the hack with Japanese cryptocurrency exchanges coming together to form a self-regulating body to oversee crypto markets in February 2018. The Japanese government officially gave the self-regulatory body legal status in October.

Attacks on cryptocurrencies and their enabling exchanges are especially troubling for systems such as currencies, which rely heavily on trust, Francis Gaffney, director of threat intelligence at email security firm Mimecast Services Ltd., told SiliconANGLE.

“We see these crypto-based attacks begin with sophisticated phishing campaigns and malware droppers,” he said. “From there, threat actors study their victims to identify their credentials and capture their sensitive information. And no longer are these attacks strapped to remote locations, as incidents involving mobile devices are on the rise.”

To defend against them, he added, “organizations must implement good cyber hygiene and robust cyber resilience across all platforms.”

Photo: The Kremlin
