Security News
The U.S. Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. In the wake of the attack, Sky Mavis revealed that hackers breached the Ronin bridge on March 23 to steal 173,600 Ethereum and 25.5M USDC tokens in two transactions worth $617 million at the time, the largest cryptocurrency hack in history.
Y Greenberg wrote a long article - an excerpt from his new book - on how law enforcement de-anonymized bitcoin transactions to take down a global child porn ring. Within a few years of Bitcoin's arrival, academic security researchers - and then companies like Chainalysis - began to tear gaping holes in the masks separating Bitcoin users' addresses and their real-world identities.
Germany's Federal Criminal Police Office, the Bundeskriminalamt, on Tuesday announced the official takedown of Hydra, the world's largest illegal dark web marketplace. " Bitcoins amounting to currently the equivalent of approximately €23 million were seized, which are attributed to the marketplace," the BKA said in a press release.
A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and propagation techniques to rope infected machines into a botnet, not to mention remove traces of other competing malware from the systems.
Split between thousands of bitcoin addresses in cold wallets, some stored in the cloud. Ultimately, claims the investigation, many of the accounts created and used for shuffling the stolen funds around were traced back to a New York couple who have now been arrested on fraud and money laundering charges: Heather Morgan, 31, and her husband Ilya Lichtenstein, 34.
Two New York-based "Tech entrepreneurs" were arrested on Tuesday for allegedly conspiring to launder $4.5bn in stolen cryptocurrency, the US Department of Justice said, adding it's so far recovered $3.6bn in purloined digicah - based on current prices. At the time the funds were stolen in August 2016, a single BTC traded for about $540, making 119,754 BTC worth about $65m. Today, one BTC sells for roughly $43,170, making the total haul worth about $5.2bn; it was valued at around $4.5bn at the time the feds filed their court documents.
The victim in this case was the Sony Life Insurance Company Limited, which was allegedly defrauded of this enormous sum in an audacious internal scam that was apparently pulled off by a single employee. The US Department of Justice claims that a certain Mr Rei Ishii conducted a classic "Send funds to a different account" scam.
The US has returned $154 million in bitcoins stolen by a Sony employee. On December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii's wallet after obtaining the private key, which made it possible to transfer all the bitcoins to the FBI's bitcoin wallet.
The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a SONY subsidiary, by an employee in a textbook business email compromise attack. "According to the government's complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts," the Justice Dept said today.
Unsecured QNAP NAS devices are getting covertly saddled with a new bitcoin miner, QNAP has warned users. "Once a NAS is infected, CPU usage becomes unusually high where a process named '[oom reaper]' could occupy around 50% of the total CPU usage. This process mimics a normal, legitimate kernel process with the same name. However, while the legitimate kernel process PID is usually below 1000, the bitcoin miner PID is usually greater than 1000," the company explained.