An organized cybercrime group believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges, cyber-security firm ClearSky said in a report shared with ZDNet.
ClearSky reports that the criminal group “CryptoCore”, is a financially motivated attacker that targets the cryptocurrency sector. This includes exchanges, traders and third-parties via supply-chain attacks.
CryptoCore currently focuses on organisations in the United States and Japan; it has been linked to five attacks since 2018. While it is not clear where the group is based, it has links to Eastern Europe and could come from Ukraine, Russia, or Romania.
The first stage of the attack involves spear-phishing high-ranking individuals connected to the target organisation to establish a foothold. Once a user is compromised, CryptoCore targets the user’s password manager to steal access keys for cryptocurrency wallets and account credentials.
Click the button below to read more from the source article.