Hackers from North Korea have tried to damage the reputation of UpBit by attacking its users with malicious hacking code. Just so you know, UpBit is a cryptocurrency exchange based in South Korea and according to the report released by security agency called East Security, the hacking attempt was made on May 28. Attackers allegedly sent a phishing email to the UpBit’s users. The subject line of the email suggested that the exchange wants to have some more information about payout transactions of the users. In reality, the email wasn’t sent from the UpBit server, which finally led to the detection of the fraud.
The phishing email had a file attachment which claims to have the documentation related to payout transaction. To keep any kind of suspicion at bay, hackers made sure that this file feels just like another document when it is downloaded and processed for entering the information. There is no visible difference between the processing of this email document from other similar documents, but then this hacking document would run the hacking code embedded in it by the hackers. According to the security agency, hackers through this malicious software then get access to the sensitive information of users, including personal information, logins, private keys, etc.
Tracing back roots
Looking at the past trends and incidents related to various kinds of hacking attempts, Mun Jong-hyun, who heads East Security’s ESRC center, said that the agency believes this hacking attempt is a work of hackers from North Korea. Especially looking at the modus operandi and basic characteristics of the hacking attempts, it is clear that hackers from North Korea are behind this malicious attempt. Similar kind of attack was witnessed by government agencies in Korea when Operation Fake Striker was launched by hackers in the month of January earlier this year.
Jong-hyun also attributed the rising value of Bitcoin and other cryptocurrencies to the rising number of hacking attempts on cryptocurrency exchanges. With an increase in the number of people buying and selling Bitcoin on the exchanges, hackers are finding it easier to trap unsuspecting users. It is, therefore, recommended that people investing in cryptocurrencies and trading digital coins on exchanges must be very careful about the standard operating procedures. It is also a responsibility on the part of exchanges that they should run a number of safety and awareness programs for their users so that these kinds of hacking attempts can be effectively countered.
What made this hacking move even more unsuspecting is the fact that hackers very cleverly used the word “UPBIT” for protecting the attached malicious file. This was done to bypass anti-virus software which would have otherwise detected this hacking attempt. There is no information about any damage done by this hacking attempt, and the security agency has once again warned all the users not to download or click on any malicious or suspicious document or a file.