- Users of the South Korean crypto exchange Upbit received phishing emails.
- East Security, a cybersecurity firm, confirmed that no damages have been reported until now.
According to a report on May 31, a North Korean hacker group is applying the classic phishing attack to steal information of the users of the crypto exchange UpBit. East Security, a cybersecurity firm, published some data which revealed that users of the South Korean crypto exchange received phishing emails which mentioned that UpBit needed more information from its users to pay out sweepstakes.
However, the mail was not sent from UpBit’s server which gave a warning signal. The security company noted that the email also contained an attachment labeled as the documentation of the payout that contained malicious codes which would rip off important data from users’ computers. It would also connect the victims’ computers to a command and control system for remote access. The file was password protected to avert the widely used security solutions.
“In analyzing attack tools and malicious codes used by hacker groups, there are unique characteristics we saw,” Mun Jong-hyun, head of the ESRC Center at East Security, said.
The cybersecurity firm suspects the involvement of a North Korean hacker group called Kim Soo-ki on evaluating the tools and tactics used by them. However, they confirmed that no damages have been reported until now.
“As bitcoin prices rise, more and more customers are using exchanges. This means that the number of victims has increased, which means that the possibility of stealing passwords stored in the exchange has increased,” Mun added.
Share
