Russian Hackers May Be Responsible for Coincheck Heist
Investigators looking into the more than half-a-billion-dollar Coincheck heist of 2018 have revealed that Russian hackers may have been responsible for the attack. Reports indicate that two pieces of malware written in Russian, “mokes” and “netwire,” have been discovered on the previously hacked Coincheck employee’s computer, according to a June 19, 2019 report by a local news source, The Asahi Shimbun.
It’s Russia, not North Korea
Per sources close to the matter, when $530 million worth of the NEM (XEM) altcoin was stolen from Japan’s Coincheck exchange in January 2018, accusers pointed at North Korean hackers for the heist.
However, a new report has revealed that the notorious North Koreans may be innocent of that particular crime, as investigators in charge of the case have discovered two viruses associated with Russian hackers on the compromised computer.
Reportedly, when the heist took place last year, Coincheck told investigators that the bad actors managed to gain access to the personal computer of one of its employees, which contained the login credentials to its hot wallet.
Now, investigators have discovered that the Coincheck employee had unknowingly installed crypto-stealing malware contained in an email attachment sent by the crypto thieves.
This way, the perpetrators of the crime were able to gain remote access to the system and steal the digital assets.
According to the researchers investigating the incident, two deadly Trojans, “mokes” and “netwire,” were discovered on the hacked computer.
First discovered in 2016 by cybersecurity experts at Kaspersky Lab, mokes is dangerous malware designed to steal any valuable financial information it can find on a victim’s computer.
Netwire, on the other hand, is a Remote Access Trojan (RAT) first spotted in 2012. Its functionality focuses on password stealing, keylogging, and other malicious activities.
The researchers have also revealed that cybercriminals in parts of Europe and Russia have used both mokes and netwire to orchestrate numerous attacks on cryptocurrency exchanges since 2016.
Hacks and heists are becoming the norm in the cryptocurrency industry, and rogue actors have formulated various means to remotely steal the bitcoin and altcoins of unsuspecting cryptocurrency holders.
Earlier in June 2019, BTCManager reported that hackers had created a fake version of the Cryptohopper bitcoin trading site in a bid to steal the cryptoassets of people who fall victim to the trick.