Last week Upbit, a South Korean cryptocurrency exchange, confirmed that 342,000 ether (presently worth about $51 million) was stolen off the exchange. Upbit suspended withdrawals and deposits and stated that it would take at least two weeks for services to return to normal. The exchange also said, however, that the loss would be covered by the company's own assets. Some who have reviewed the transfer details from that Wednesday suggest the hack was an inside job.
Lazarus, a state-sponsored North Korean computer hacking team, is believed to be behind new macOS malware that can pull a payload (malicious coding) from a remote location and run it in memory, making it harder to conduct forensic analysis. The "fileless" malware was uncovered earlier this week by Dinesh Devadoss, a threats analyst, and was found on a website "unioncrypto.vip" that claimed to offer a "smart cryptocurrency arbitrage trading platform." Last week, security analysts from a major U.S. technology firm revealed that the malware – called Dexphot – had infected nearly 80,000 devices since October 2018. The malicious code allows criminals to deploy CPU miners onto the victim's device, stealing processing power and generating money from mining cryptocurrency – a process sometimes referred to as "cryptojacking."
Late last week, the Department of Justice issued a press release announcing the arrest of Virgil Griffith, a U.S. citizen living in Singapore, for violating the International Emergency Economic Power Act by traveling to North Korea to deliver a presentation called "Blockchain and Peace" at the Pyongyang Blockchain and Cryptocurrency Conference. The U.S. government had previously denied Griffith's request to travel to the country. A U.S. assistant attorney general said, "Despite receiving warnings not to go, Griffith allegedly traveled to one of the United States' foremost adversaries, North Korea, where he taught his audience how to use blockchain technology to evade sanctions. By this complaint, we begin the process of seeking justice for such conduct." Griffith's arrest occurred on Thanksgiving Day in Los Angeles International Airport. He was later released from jail after bond was posted.
For more information, please refer to the following links:
- Crypto Exchange Upbit Confirms Theft of $49M in Ether
- Signs Point to Inside Job in Upbit Crypto Exchange Hack, Says Commentator
- New macOS Threat Served from Cryptocurrency Trading Platform
- North Korean Hacking Group May Be Behind Malware-Laden Fake Crypto Site
- New Crypto-Stealing Malware Infected 80,000 Computers, Microsoft Says
- U.S. Authorities Arrest Virgil Griffith For Teaching Cryptocurrency And Blockchain
- Ethereum Developer Virgil Griffith to Be Released From Jail Pending Trial
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
