- A single hacking team of approximately four members stole over $200m in crypto during the past two years.
- Researchers do not know much about the attackers, other than that they are very careful and effective.
- The attackers likely have ties to Eastern European countries, and they target exchanges and wallets.
Hacking attacks in the cryptocurrency industry have been around for almost as long as the industry itself. As soon as the first wallets and exchanges started to emerge, online criminals were there, either to scam or to break into such services and steal others’ coins.
A single group stole $200m in crypto while avoiding identification
These days, hacks are quite common, unfortunately, and some groups have managed to score quite big. In fact, security researchers from Israel-based ClearSky recently revealed that a single group managed to steal over $200 million in crypto.
Of course, the group did not steal the entire amount at once. It did so over the course of two years, by targeting exchanges and wallets. However, the amount is still quite massive.
ClearSky researchers still do not know the real identity of the group, although they have learned to recognize their MO and the infrastructure of their hacks.
They named the group CryptoCore, stating that it targets exchanges and companies that work with exchanges, using a supply-chain attack. “The CryptoCore group is known for having accumulated a sum of approximately 70 million USD from its heists on exchanges. We estimate that the group managed to rake in more than 200 million USD in two years,” researchers say.
What is known about the hackers?
The same group was noticed by other cybersecurity companies, although they know it by another name, Leery Turtle. After gathering information about the group, researchers believe that its first attack took place in mid-2018. Since emerging, the group has kept attacking relatively regularly.
However, the hackers were careful enough not to leave much information about themselves, and even their country of origin remains unknown. The best that researchers were able to assess is that they may have links to Eastern Europe, possibly Russia, Romania, or Ukraine.
The group is also believed to be quite small. Researchers assess that there are around four members, although they have proven their efficiency time and time again.
Based on their attacks, they do not seem to be extremely technically advanced. Still, they managed to pull off their attacks effectively, and they kept doing so for over two years while avoiding identification.
Most of their targets were companies from Japan and the US, and their attacks appear to start with spear-phishing.