A cyber-criminal group has allegedly stolen about $200 million from several cryptosystems exchanges in the last two years. In total, it is estimated that they have claimed between 10 and 20 victims in the United States, the Middle East and Asia.
According to research by the cybersecurity firm ClearSky, the group called „CryptoCore“, known under other pseudonyms such as „Dangerous Password“ and „Leery Turtle“, has been actively attacking cryptosecurity companies since 2018, specifically the exchanges.
hey confirmed that CryptoCore stole $200 million from at least five victims, several of whom were in Japan.
Between 10 and 20 other companies could be affected
The names of the crypto currency exchanges were not disclosed due to confidentiality agreements with the victims. It is believed that the total number of Bitcoin Billionaire victims could be as high as 20 in total.
The cybersecurity firm believes that CryptoCore may have links to the Eastern European region, Ukraine, Russia or Romania.
Phishing attacks against exchanges
Hackers used spear phishing attacks to gain access to the wallets of crypto currency exchanges. In some cases, they may target executives‘ personal e-mail accounts.
The report details that spear phishing attacks are „typically“ carried out by posing as employees, primarily those who have a high-ranking role within the company or another organization such as the advisory board.
Speaking with Cointelegraph, Brett Callow, threat analyst at the malware lab, Emsisoft, provided some commentary on phishing attacks such as CryptoCore:
„Some phishing campaigns consist of untargeted mass mailings sent to a large number of people. Others, however, are designed to target specific individuals, e.g. a company executive, this is known as spear phishing and, since the actor may have spent time collecting information about the targeted individual, the emails can be extremely convincing.