BlockThreat - Week 26, 2019
Bitrue | Europol | Bitfinex | EVulHunter
Several arrests were reported this week in the UK, the Netherlands, and Israel, $4.5 million in crypto assets was stolen from a major exchange in Singapore, and another Florida city settled a ransomware demand to get its computers back online. The increased number of ransomware attacks and folks choosing to pay off attackers appears to be a new trend for this month.
News:
- 6 Arrested in the UK and Netherlands in €24 million cryptocurrency theft - arrests made as a result of an investigation into typo-squatting domains targeting popular cryptocurrency exchanges around the world.
- Two Israeli brothers arrested for phishing and participating in a 2016 hack of Bitfinex - a major arrest of the actors behind various cryptocurrency compromises including the Bitfinex hack amounting to $100 million. The two brothers have allegedly used various phishing tactics, wallet malware, and other techniques.
- Second Florida city pays giant ransom to ransomware gang in a week - another small city in Florida paid 42 BTC ($500,000) in ransom. It is interesting that in both cases the ransom was negotiated and paid by the insurance provider — The League of Cities.
Hacks:
- Hacker steals $4.5 million from Bitrue cryptocurrency exchange - On June 26th, 2019, a malicious actor was able to exploit a vulnerability in the Bitrue exchange to steal 9.3 million XRP and 2.5 million ADA coins. The exchange released a notification about the hack on Twitter about 1 hour after the breach was detected, included the attacker’s wallet address, and provided regular updates on the investigation. Great job on communicating during the incident, Bitrue!
Indicators:
Attacker’s XRP wallet: rwSvajJ4ZNhjgzcfaJWkEuLh4VURTFHuka
Tools:
- EVulHunter - a new static analysis tool for EOS smart contracts was just released along with a paper and a video demonstration. The tool is based on the Octopus project.
Never a dull day in blockchain security. See you all in next week’s blockchain threat intelligence!