fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Hackers blackmail exchange with $5 million of Ethereum fees – report

In the last two days, three bizarre Ethereum transactions have spent $5.7 million on fees. But a report claims it’s not a bug—an exchange is being blackmailed.

In brief

  • In the last few days, three Ethereum transactions have paid $5.7 million in fees.
  • A new report explains that it might be a blackmail attempt on an exchange.
  • It details how the hackers may have got access to the funds, and why they can’t steal them.

It’s been an expensive week for users of the Ethereum blockchain. In the last two days one user managed to spend $5.2 million in fees to make just two transactions—and one of them was only for $130! And now, a third transaction has taken place by another user, albeit for a fee of just $500,000, which seems small in comparison.

And these absurd transactions are prompting far-fetched theories.

While initially thought to be a bug, it appears an exchange is being blackmailed. Image: Shutterstock.

“The 3rd abnormal tx on ethereum with over 2000 ETH fee went [through]. Someone believes it could be a hacker’s blackmail to some exchange,” tweeted NEO co-founder Da Hongfei.

“A [wild] guess [is] certain exchange/wallet/ETH services is being “kidnapped” by hacker,” speculated Primitive Crypto founding partner Dovey Wan.

But, according to China-based blockchain analytics company PeckShield, reported by Chainews, these theories aren’t so wild after all. PeckShield’s analysis explains that the million-dollar snafus were probably “gas price ransomware attacks.”Minion@TokenInsight@minionabct

Analysis done by PeckShield on the recent two major ETH transfers. This may be a GasPrice ransomware attack launched by hackers targeting the exchange.

In short, the researchers claim that the hackers have gained access to an exchange’s funds. They are able to send money to certain whitelisted accounts that are marked as reliable in the exchange’s database to—but not to their own. So, they are sending the funds with excessively high transaction fees to sap the exchange’s accounts, and they’re demanding a ransom if it’s going to stop.

The research is aimed at the first two transactions, that spent $5.2 million in total on fees, but it may apply to the third one too. (Since publishing the article, it appears that the third transaction may have been unrelated and caused by a separate direct hack on another exchange).

Hackers blackmail the exchange

The hackers started by using a phishing attack (where they fake a website or an email to try to gain credentials) to gain some kind of access to the exchange, according to the report. It worked, they had part of the permissions to send a transaction. But there was a problem.

The exchange had a multi-signature security setting. This means that multiple keys (like passwords) are required to send the money. So, it seemed like there was nothing they could do.EthereumAn Ethereum user lost $5.2 million in two massive mistakesAn Ethereum user has accidentally sent two transactions with excessively large transaction fees in the last day. As Decrypt reported yesterday, the user paid $2.6 million in fees to send just …NewsTechnologyTim Copeland3 min read 

But then they realised they could circumvent this multi-signature security with a trick: they could send to whitelisted address, because these addresses only require a single authorization to send a transaction.

Only the hackers were unable to send the money to their own accounts in this way. Instead they figured they would send a small amount of Ethereum to one of the whitelisted addresses but tack on an excessively large transaction fee. While they weren’t getting any of the money, they were costing the exchange dearly. And that gave them room to demand a ransom.

ETH+15.72%$235.2924H7D1M1YMaxMay 14May 18May 22May 26May 30Jun 3Jun 7Jun 11190200210220230240250ETH Price 

And that’s the whole gambit: the hackers will keep sending ETH from this exchange until its operators cave to their demands, PeckShield’s analysis claims.

Decrypt could not immediately reach PeckShield for comment, nor could it verify which exchange (which is undisclosed in PeckShield’s report) has been affected.

This article has been updated with a comment on the third transaction.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us