Hackers, Not Users, Lose Money in Attempted Cryptocurrency Exchange Heist

Faybert

Binance, one of the largest cryptocurrency exchanges on the Internet, said today that hackers and a well-executed phishing campaign are to blame for the Bitcoin sell-offs from yesterday afternoon.

The incident the company is referring to happened late yesterday afternoon (Mar 7, UTC 14:58-14:59), when thousands of user accounts started selling their Bitcoin and buying an altcoin named Viacoin (VIA).

The incident looked like a hack, and users reacted accordingly, with many complaining on social media, such as Twitter and Reddit.

"Wtf??? All my coins got sold and I brought [Viacoin]? Did I just get hacked?," a Reddit user wailed.

But this wasn't a hack, or at least not your ordinary hack. The way this was done was incredibly clever.

Hackers ran a two-month phishing campaign
According to an incident report published by the Binance team, in preparation for yesterday's attack, the hackers ran a two-month phishing scheme to collect Binance user account credentials.

Hackers used a homograph attack by registering a domain identical to binance.com, but spelled with Latin-lookalike Unicode characters. More particularly, hackers registered the bịnạnce.com domain —notice the tiny dots under the "i" and "a" characters.
...
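
A defender-side check for the lookalike domain described in the post above, as an added example that is not part of the original post or the quoted article: it decodes punycode labels, strips combining marks, and compares the result against a protected list. The `PROTECTED` set and all function names are assumptions; cross-script lookalikes (for example Cyrillic letters) need the Unicode confusables data and are out of scope here.

```python
import unicodedata

# Assumption for this example: the brand domains we want to protect.
PROTECTED = {"binance.com"}

def to_unicode(domain: str) -> str:
    """Lower-case the name and decode xn-- (punycode) labels to Unicode."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # undecodable label: keep the raw text, it will not match
        labels.append(label)
    return ".".join(labels)

def to_wire(domain: str) -> str:
    """ASCII form seen in DNS and proxy logs (plain punycode, no IDNA mapping)."""
    out = []
    for label in to_unicode(domain).split("."):
        if not label.isascii():
            label = "xn--" + label.encode("punycode").decode("ascii")
        out.append(label)
    return ".".join(out)

def skeleton(name: str) -> str:
    """NFKD-decompose and drop combining marks, so U+1ECB becomes 'i'."""
    decomposed = unicodedata.normalize("NFKD", name)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def classify(domain: str) -> str:
    name = to_unicode(domain)
    if name in PROTECTED:
        return "legitimate"
    if skeleton(name) in PROTECTED:
        return "homograph"   # differs from a protected name only by marks
    return "unrelated"       # cross-script lookalikes are not caught here

# Constructed sample input; the second entry is the spelling quoted in the article.
SAMPLES = ["Binance.com", "b\u1ecbn\u1ea1nce.com", "example.org"]

if __name__ == "__main__":
    for d in SAMPLES:
        print(f"{to_wire(d):28} {classify(d)}")
```

Running the same `classify` over the `xn--` form matters because that is the form that appears in DNS, proxy and certificate logs, while the browser address bar may show the Unicode spelling.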
 

upnorth

But hackers didn't know one thing —Binance's secret weapon— an internal risk management system that detected the abnormal amount of Bitcoin-Viacoin sale orders within the span of two minutes and blocked all transactions on the platform.

Hackers tried to cash out the 31 Binance accounts, but by that point, Binance had blocked all withdrawals. Furthermore, in the subsequent investigation, Binance identified the 31 accounts, reversed all transactions, and confiscated the original Viacoin funds that hackers deposited in the accounts.

Sounds like a similar setup to what we have at banks in my country, which reacts within a split second to odd transactions. Wonder if the accounts that were phished had some two-step verification? Should IMO be mandatory, as that should normally have blocked any withdrawals as a first line of defence.
 
