According to ClearSky's report, on June 25, a single hacking group stole approximately $200 million from cryptocurrency exchanges. The group used a spear-phishing strategy to gain access to the exchanges, and it proved effective.
The hacking group is known as "CryptoCore" and is believed to operate out of Eastern Europe. The report also notes that the group has been targeting crypto exchanges since 2018. CryptoCore focused mainly on exchange platforms in the United States and China.
Over time, the group has managed to steal some $200 million from various exchanges. Despite that success, ClearSky does not believe the group is extremely technically advanced. The report notes that their main tactics are "swift, persistent and efficient."
Hacking group strategy breakdown
The hackers' target is access to the cryptocurrency wallets belonging to exchange firms. The group begins with a broad reconnaissance phase covering the target exchange and its employees. It then worms its way in with spear-phishing attacks; for example, it sends emails to the firm's executives from an email that appears to belong to a top employee or a high-ranking official at a partner company.
Once they get into the system, the gang installs malware and compromises the executive's password manager account, which is where the private keys to all the cryptocurrency wallets are stored. The next step is to wait patiently for multi-factor authentication to be removed. If it is removed, the group moves quickly and steals all the money from the wallets, according to the report.
In conclusion, spear-phishing attacks are a popular strategy among cryptocurrency con men, and they are very problematic. Earlier this year, a major spear-phishing attack was deployed against YouTube users. As a result, multiple accounts with massive followings and subscriber counts were compromised and hijacked when their owners clicked on the link.