Report reveals Russian Hackers May Be Responsible for $530 Million Cryptocurrency Hack

Report reveals Russian Hackers May Be Responsible for $530 Million Cryptocurrency Hack

It was previously believed that North Korean hackers were behind the January 2018 Coincheck hack, but recent developments in the investigation suggest that Russian actors may have been responsible.

  • By Kaitlyn DeHaven
  • Jun 18, 2019

A new report of the investigation into the $530 million hack that ruined Japanese cryptocurrency exchange Coincheck in January 2018 states that Russian, not North Korean, actors may have been behind the attack.

The Asahi Shimbun, a Japanese newspaper, reported that viruses that were thought to have been used in the hack were found on employees’ computers. According to the Asahi Shimbun, the viruses were linked to Russian hacker groups and named “Mokes” and “Netwire.” These viruses were most likely transferred via email, and allowed the hackers to gain access to private keys.

In addition, the viruses have previously appeared on Russian-based message boards with Mokes first appearing in June 2011 and Netwire appearing approximately 12 years ago.

In the January 2018 attack, Coincheck lost over $500 million worth of NEM tokens. The company was adamant that it wasn’t an inside job, even though at the time there was no suggestion of how the attacks had been able to gain access to the system without insider information.

Francis Gaffney, director of threat intelligence at Mimecast, said that as of January 2019, over $1 billion had been lost from cryptocurrency attacks.

“Coincheck is just the latest incident,” Gaffney said. “At the end of the day, cybercriminals are going to go directly where the money is via point-of-sale-focused attacks, like we’re seeing here and with ransomware.”

Gaffney said that these crypto-based attacks are particularly concerning for companies dealing with currencies, and other products that require a large amount of trust.

“Attacks on cryptocurrencies and their enabling exchanges are particularly troubling for systems like currencies, which rely heavily on trust for reliable means of exchange,” Gaffney said. “We see these crypto-based attacks begin with sophisticated phishing campaigns and malware droppers. From there, threat actors study their victims to identify their credentials and capture sensitive information.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • 2024 Gun Violence Report: Fewer Overall Incidents, but School Deaths and Injuries Are on the Rise

    Omnilert, provider of gun detection technology, today released its compilation of Gun Violence Statistics for 2024 summarizing gun violence tragedies and their adverse effects on Americans and the economy. While research showed a decrease in overall deaths and injuries, the rising number of school shootings and fatalities and high number of mass shootings underscored the need to keep more people safe in schools as well as places of worship, healthcare, government, retail and commerce, finance and banking, hospitality and other public places. Read Now

  • Survey: Only 7 Percent of Business Leaders Using AI in Physical Security

    A new survey from Pro-Vigil looks at video surveillance trends, how AI is impacting physical security, and more. Read Now

  • MetLife Stadium Uses Custom Surveillance Solution from Axis Communications

    Axis Communications, provider of video surveillance and network devices, today announced the implementation of a custom surveillance solution developed in collaboration with the MetLife Stadium security team. This new, tailored solution will help the venue augment its security capabilities, providing high-quality video at unprecedented distances and allowing the security team to identify details from anywhere in the venue. Read Now

  • U.S. Cyber Trust Mark Launches for Consumer Internet-Connected Devices

    The White House recently announced the launch of a cybersecurity label for internet-connected devices, known as the U.S. Cyber Trust Mark, completing public notice and input over the last 18 months. During that time, FCC Commissioners decided in a bipartisan and unanimous vote to authorize the program and adopt final rules, as well as the trademarked, distinct shield logo that will be applied to products certified for the U.S. Cyber Trust Mark label. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3