An attacker gains the trust of industry participants to further send an Excel file with malicious code

​Microsoft reports a new type of attack on crypto companies

07.12.2022 - 11:30

186

2 min

What’s new? US technology company Microsoft has warned users about a new type of attack targeting crypto companies. According to a blog post, an attacker is sending an Excel file called “OKX Binance & Huobi VIP fee comparison” to Telegram groups that contains malicious code to gain remote access to victims’ systems.

News on the Microsoft blog

How is the attack being carried out? The last attack detected was carried out by DEV-0139 (code assigned by Microsoft for easy identification), which joined Telegram groups used to communicate between VIP clients and cryptocurrency exchange platforms. DEV-0139 posed as a representative of a crypto investment company and initiated a discussion about the fees of various exchanges. After gaining the trust of other participants, DEV-0139 sent them an Excel file comparing fees for VIP on OKX, Binance, and Huobi exchanges that contained malicious code.

Microsoft stressed that the cryptocurrency market has expanded significantly over the past few years. Digital assets are used by cybercriminals for ransomware attacks, in addition, there are attacks against crypto companies for financial gain. Attacks on this market take many forms, including fraud, vulnerability exploits, and fake apps. The company is also seeing more sophisticated types of attacks, which require expert industry knowledge and serious training to gain the trust of victims before an attack is carried out.

Microsoft was founded in 1975 and is headquartered in Redmond, Washington. It develops, manufactures, licenses, supports, and sells computer software, consumer electronics, personal computers, and related services.

In May, Microsoft warned of new malware targeting cryptocurrency wallets. The company introduced the term cryware, which refers to the theft of information from non-custodial hot cryptocurrency wallets.

Author:

Michael Golikov Michael Golikov

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy