Microsoft reports a new type of attack on crypto companies
An attacker gains the trust of industry participants to further send an Excel file with malicious code
07.12.2022 - 11:30
186
2 min
0
What’s new? US technology company Microsoft has warned users about a new type of attack targeting crypto companies. According to a blog post, an attacker is sending an Excel file called “OKX Binance & Huobi VIP fee comparison” to Telegram groups that contains malicious code to gain remote access to victims’ systems.
How is the attack being carried out? The last attack detected was carried out by DEV-0139 (code assigned by Microsoft for easy identification), which joined Telegram groups used to communicate between VIP clients and cryptocurrency exchange platforms. DEV-0139 posed as a representative of a crypto investment company and initiated a discussion about the fees of various exchanges. After gaining the trust of other participants, DEV-0139 sent them an Excel file comparing fees for VIP on OKX, Binance, and Huobi exchanges that contained malicious code.
Microsoft stressed that the cryptocurrency market has expanded significantly over the past few years. Digital assets are used by cybercriminals for ransomware attacks, in addition, there are attacks against crypto companies for financial gain. Attacks on this market take many forms, including fraud, vulnerability exploits, and fake apps. The company is also seeing more sophisticated types of attacks, which require expert industry knowledge and serious training to gain the trust of victims before an attack is carried out.
Microsoft was founded in 1975 and is headquartered in Redmond, Washington. It develops, manufactures, licenses, supports, and sells computer software, consumer electronics, personal computers, and related services.
In May, Microsoft warned of new malware targeting cryptocurrency wallets. The company introduced the term cryware, which refers to the theft of information from non-custodial hot cryptocurrency wallets.
Useful material?
Market
Users who have experienced withdrawal problems in the last two days will be eligible to participate
Mar 28, 2024
Market
Last July, a criminal investigation into the exchange was opened by the US authorities
Mar 27, 2024
Market
The unrealized profit from the deal was $8,9 million
Mar 26, 2024
Incidents
The phasing out began on March 25
Mar 25, 2024
Crypto regulations
The new measures must go through additional stages of approval
Mar 25, 2024
Incidents
The popularity of this kind of project launch format has already led to blockchain overload
Mar 20, 2024