Inventory From Beosin | Over 15 Typical Security Incidents in May: Incidents Keep Occurring, and Blockchain Security Still Needs Attention
According to Beosin-Eagle Eye monitoring data, security incidents continued to occur throughout May. Beosin security personnel counted over 15 typical security incidents in May.
In the Exchange category, 4 typical security incidents occurred in total:
01
Since subscription for the Youbi Exchange platform token opened on May 6, the exchange has suffered high-volume DDoS attacks for 3 consecutive days, leaving the server inaccessible for short periods.
02
On May 14, a large-scale transfer of assets stolen from Upbit Exchange occurred. The hacker group moved the stolen assets layer by layer through multiple layers of intermediate addresses. After the first transfer, the stolen assets were moved again to multiple exchanges through a large number of deposit addresses. Among them, 137 ETH was transferred to Binance and has already been frozen by Binance. Binance also announced that it will cooperate with law enforcement agencies to investigate these transactions.
03
On May 27, after UEX Exchange officially opened its trading pair at 20:00, the platform was hacked, and the hackers sold additional UEX regardless of the cost. UEX Exchange has closed token deposits and withdrawals for now, and repairing and verifying the data is expected to take about 5 days.
04
On May 27, the LMEX Stock Exchange platform was hacked, and about 150,000 USDT was stolen, with a maximum of 52,000 USDT in a single token. This caused serious panic in the platform's market.
In the Crypto Frauds/Crypto Scams category, 2 typical security incidents occurred in total:
01
Molly Spiers, the marketing manager of CoinCorner, said that Google Ads ran ads for CoinCorner.com, a phishing and clone site, in order to imitate CoinCorner. The group first noticed the fraudulent ads after searching for CoinCorner on Google.
02
Scammers pretended to be Yuchen Sun, the founder of TRON, and used a forged video of him to lure victims into live calls. They invited the victims to live Skype calls with the fake Yuchen Sun in an attempt to steal assets from unsuspecting victims.
In the Ransomware/Mining Trojan category, 5 typical security incidents occurred in total:
01
Grubman Shire Meiselas & Sacks was attacked by the REvil (Sodinokibi) ransomware, and the attackers threatened to release up to 756 GB of stolen data in 9 separate runs. The stolen data includes confidentiality contracts, phone numbers, email addresses, personal communications, confidentiality agreements, etc.
02
On May 6, the server of the blog platform Ghost was attacked by hackers. They used CVE-2020-11651 (authentication bypass) and CVE-2020-11652 (directory traversal) to take control of the Salt master server and installed virtual asset mining software.
03
The H2Miner hacker group used SaltStack remote command execution vulnerabilities to break into enterprise hosts for mining. As of May 6, the H2Miner group had illegally profited more than RMB 3.7 million by controlling servers to mine XMR.
04
On May 5, Germany's Fresenius Group, the largest private hospital in Europe, was attacked by the Snake ransomware. After encrypting computer files, Snake demanded that a ransom be paid in bitcoin within a limited time, threatening otherwise to post the company's internal documents online.
05
The Souleman miners used the EternalBlue vulnerability to attack enterprises and download an XMR mining program compiled from XMRig. The group has profited more than RMB 270,000 through mining and through hijacking virtual asset transactions via the clipboard.
In the Dark Net category, 1 typical security incident occurred in total:
01
Anonymous hackers obtained data on more than 129 million Russian car owners and exposed it on the dark net in exchange for Bitcoin. The leaked information includes the full names, addresses, passport numbers and other data of millions of Russian car owners.
In the Others category, 3 typical security incidents occurred in total:
01
Matt Corallo, the co-founder of Blockstream, recently announced a potential Lightning Network attack vector, but has not yet found a reasonable solution.
02
The information of 44 million mobile users in Pakistan has been leaked. Previously, hackers tried to sell the information for 2.1 million US dollars in bitcoin. The leaked information includes users' names, home addresses, ID cards, mobile phone numbers, etc.
03
Zcash metadata may have a privacy vulnerability that allows attackers to use the protocol to apply some of these programs. The vulnerability has not yet threatened the blockchain.
In view of the current situation in blockchain security, Beosin summarizes as follows:
Overall, the number of security incidents in May increased compared with April, and the overall number of security incidents is at a moderate level. Blockchain security still deserves attention.
For exchanges, all exchanges still need to guard against DDoS attacks. The incident in which hackers transferred large amounts of stolen Upbit Exchange assets is also a reminder that exchanges should watch daily for large-scale asset transfers from unknown sources. Exchanges should maintain day-to-day security protection, regularly inspect website security, detect hidden security risks, and promptly fix any vulnerabilities found to avoid being hacked.
In addition, the volume of intelligence on ransomware and mining trojans increased this month. Beosin reminds users not to click on links or download software from unknown sources. If you encounter ransomware, seek help from judicial departments and professional security companies to resolve the problem.
Given the serious state of blockchain security, Beosin-AML provides visual compliance monitoring of virtual assets and an analysis system for investigation and forensics, to help virtual asset service providers (VASPs) monitor transaction risks and implement anti-money laundering compliance procedures, and to help law enforcement departments quickly collect evidence in virtual asset crime cases. It also provides a full range of security consulting services to answer blockchain security questions.
Securing the blockchain ecosystem, Beosin can do the best!