- Hackers sent emails with malicious code to UpBit users.
- The same methods were used in the course of the January attack on the South Korean government agencies.
The South Korean cryptocurrency exchange might have fallen victim to hackers from neighboring North Korea. The attackers allegedly exploited smart phishing techniques, according to the report published by the security company East Security.
On May 28, the hacker or a group of hackers sent a malicious email to UpBit customers requesting additional information about customer’s fictional sweepstakes payout. However, the company never sent such email and it did not come from any of the servers belonging the exchange.
The mail contained an attachment with the documentation for the payout. Once a user opened the fine, it would run a malicious code embedded therein and sent information about the user’s machine along with their private keys and credentials to hackers. Moreover, the virus also connected the infected computer to a command and control system to allow hackers accessing it remotely.
“In analyzing attack tools and malicious codes used by hacker groups, there are unique characteristics we saw. As bitcoin prices rise, more and more customers are using exchanges. This means that the number of victims has increased, which means that the possibility of stealing passwords stored in the exchange has increased,” the head of the ESRC Center at East Security Mun Jong-hyun commented.
He also noted that similar attacks known as Operation Fake Striker were made on Korean government agencies in January.
The hackers password-protected the file with the malicious code, which made it harder for traditional anti-virus tools to detect a threat. The experts urge users to be vigilant and never open or install suspicious files.
“We have not heard of any reported damage. In order to avoid cyber attacks, you should not install or click suspicious files or documents,” noted Mun Jong-hyun.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility.