ClearSky: Group stole $200M in exchange hacks

Getting your Trinity Audio player ready...

A group of hackers could be behind theft of as much as $200 million from digital currency exchanges since 2018, according to research published by ClearSky.

The Israeli cybersecurity firm made the claims in a new report, which linked several high profile attacks to a single source. In the report, the firm said “with medium level of certainty” that the attackers were linked to Eastern Europe.

We estimate that the group managed to rake in more than $200 million in two years. We assess with medium level of certainty that the threat actor has links to the East European region, Ukraine, Russia or Romania in particular.

The report noted the group were small in number, yet highly effective in operation, stating, “They can attack very quickly. They’re not a big group, maybe three to four people … a small but effective operation.”

In its research, ClearSky suggested there may be elements of employee vulnerability in allowing the attacks to succeed.

“They are cyber criminals and we know of other similar cybercrime groups. In order for such an attack to succeed, usually the [crypto exchange] employees need to be vulnerable to social engineering … [We] didn’t see this attacker exploiting VPN [virtual private networks], for example, which is something we often see with other groups.”

Concluding their findings, ClearSky said there’s always a risk to those that hold digital currency in an exchange: “If you put your money on an exchange, you don’t know if it’s secure or not.”