Cyberattacks on Cryptocurrency Projects
Recent reports have highlighted a troubling series of cyberattacks on cryptocurrency projects linked to Matt Furie, the original creator of Pepe the Frog. On-chain investigator ZachXBT disclosed that the attacks, believed to be orchestrated by North Korean hackers, caused damages exceeding $1 million. The affected projects include Replicandy, Peplicator, Hedz, and Zogz, all developed by Furie’s team on the ChainSaw platform, from which approximately $310,000 was siphoned off. Additionally, around $680,000 was stolen from another initiative known as Favrr.
The hackers exploited vulnerabilities in smart contracts, lifting limitations on token creation and subsequently minting NFTs that were sold immediately, leading to their depreciation to zero value. ZachXBT has speculated that the attackers might be North Korean developers who have been recruited through freelance platforms, as he has noted consistent payments to such “employees” from different cryptocurrency projects. He intends to release more detailed statistics to further illuminate this issue.
Emergence of SparkKitty Trojan
In another significant cybersecurity threat, a new trojan named SparkKitty has emerged, being disseminated through fraudulent app store websites. Kaspersky Lab reported that this malware masquerades as cryptocurrency-related applications as well as modified versions of popular social media apps like TikTok. Upon installation, the trojan requests access to users’ photo galleries, tracks any alterations, builds a local database of stolen images, and uploads this information to a remote server, primarily seeking screenshots of users’ cryptocurrency wallet seed phrases. Its primary targets appear to be individuals residing in China and Southeast Asia.
Law Enforcement Actions
In the realm of law enforcement, a notable arrest was made in France involving the hacker known as IntelBroker, who was apprehended following investigations by the U.S. Justice Department. The 25-year-old British individual, charged with conspiracy to conduct computer intrusions and electronic fraud, is facing extradition to the United States. Authorities tracked down IntelBroker’s cryptocurrency activities via wallet addresses linked to Ramp and Coinbase, where they located scans of personal documents corresponding to his email address.
Additionally, this week has seen the capture of four BreachForums v2 operators in France, including ShinyHunters, who had taken over administrative duties after the earlier arrest of another key figure, Pompompurin. IntelBroker was also involved in managing this hacker forum following its resurgence.
Sentences for REvil Hackers
In Russia, a court handed down sentences to four individuals associated with the notorious REvil hacking group, awarding them five years in prison. However, with credit for time served during pre-trial detention, the individuals were released after the verdict.
Cybersecurity Measures in the U.S.
Meanwhile, in the U.S., the Congressional Office of Cybersecurity has mandated a ban on the use of WhatsApp on devices utilized by legislative personnel, dubbing the application as “high risk” due to inadequate encryption and unsatisfactory data protection transparency. Congressional staff and members have been recommended to utilize alternative messaging platforms such as Microsoft Teams, Wickr, Signal, or FaceTime instead. In response, Meta, the parent company of WhatsApp, expressed its strong disagreement, asserting that their platform offers a superior level of security compared to the alternatives suggested by Congress.
