Yazılım Kulübü

Authorities recently announced the sentence of two Russian hackers for crimes they committed. In the past years, criminals who have stolen many users’ identity and earned close to $ 17 million in cryptocurrencies were also accused of hacking several websites directly interested in cryptocurrencies. Here’s how the latest cryptocurrency attack by Russian hackers happened.

It turned out that criminals named Danil Potekhin and Dmitrii Karasavidi, who are Russian citizens, were involved in many advanced phishing attacks and money laundering attempts before they were caught. Authorities uncovered the phishing attempts allegedly planned by the two.

Apart from the sanctions they face, the US Treasury Department has also said that they will impose economic sanctions against the two. The ministry announced that they would put all their properties and all their money out of use, and it would be a crime to trade with the two.

3 Tactics Used in The Latest Cryptocurrency Attack by Russian Hackers

1. Attackers used sites that were identical to the home pages of the cryptocurrency sites such as Poloniex, Gemini, and Binance. With this method, they hijacked many users’ login credentials. With the information they captured, they earned almost $ 10 million from the Binance site, $ 5.24 million from the Poloniex site, and $ 1.17 million from the Gemini site. The phishing attack damaged about 400 users.
2. It is alleged that the pair laundered their stolen cryptocurrencies through multiple accounts, using cryptocurrency exchange sites. It is also said that they set aside some of the money they stole and manipulate the value of cryptocurrencies with this money and increase their earnings for their own benefit.
3. Potekhin and Karasavidi used the stolen accounts to place orders to buy lots of ‘GAS’. People use this digital currency for transactions on the blockchain called NEO. NEO is the very first freely available blockchain network in China. When they bought extreme volumes of the cryptocurrency named GAS, they raised the cryptocurrency price from $18 to $2,400, which was quite alarming. Later they sold the cryptocurrency from that price using their fake accounts. They turned the GAS they had to Bitcoin, Ethereum, and other currencies.

The Results of The Latest Cryptocurrency Attack by Russian Hackers

The authorities made their decisions regarding the cryptocurrency accounts of the attackers. They decided to examine accounts for all cryptocurrency operations, search the signs that might indicate phishing, and find the possible victims. The consequences of the attack on victims are very harsh. Some even said that he considered suicide because of the attack. Some said the money stolen from them was for their child’s medication.

But according to the latest news, the damages might be fixed. Though there is no certainty, authorities say the Secret Service may have found the stolen cryptocurrency. Even so, the victims can get their stolen money in years.

The decision of the authorities suggests that the legal system no longer tolerates cyberattacks or ransomware attacks. The penal sanctions are increasing day by day. In the past few years, authorities pressed charges for cyber crimes against several hackers from Russia, Nigeria, and Eastern Europe.

How Could The Latest Cryptocurrency Attack by Russian Hackers Have Been Avoided?

1. With testing your knowledge using phishing simulations.

Social engineering attacks are rising and getting more complicated day by day. Our knowledge becomes very limited under these conditions. Using our Phishing Simulator, you can quickly launch phishing attack simulations to assess your awareness and vulnerability regarding cybersecurity.  You may also use it for your company to monitor the functionality and to track and identify your weakest employees and get them in successful training against recent phishing types.

2. With using cyber threat intelligence tools to reduce risks.

You should consistently test your vulnerabilities. This way, you can see if a security breach compromises your data. Unfortunately, this is costly for every device. With our Passive Vulnerability Scanning tool, you can see a clear overview of your system and regularly check if it is vulnerable to a recently found data breach. Passive Vulnerability Scanning tool is within our Cyber Threat Intelligence tool. With these tools combined, you can get the latest developments in cybersecurity and you will be ready for any type of attack.

“This post is originally published at www.phishing.org.uk”