Binance CEO Warns Users About New Hack Targeting Cryptocurrency Industry
Binance CEO Changpeng ‘CZ’ Zhao sent to Twitter to advise about the latest hack type targeting the crypto world – one implemented by the threat actor with a broad understanding of the cryptocurrency industry.
Malicious Code Identified And Exposed
He clarify that users may receive a file from a friend, but that companion may have already been compromised to start with. This person may share a weaponized Excel file with the name exchange fee comparision.xls, which embodies a malicious code, among other threats, targeting crypto funds.
Furthermore, CZ referred to a Microsoft Security Threat Intelligence blog post publicized this Tuesday, which discusses targeted assaults against the cryptocurrency industry.
The blog says, given the rise of the crypto market over the past many years, it hasn’t captivated the awareness of only investors – but of threat actors too, who promptly target organizations within the cryptocurrency industry for financial gain.
Moreover, They discover that Attacks targeting this market have taken many forms, entailing fraud, susceptibility exploitation, fake apps, and usage of identity stealers, as attackers venture to get their hands on cryptocurrency funds.
Trust Could Cost You Heavily
Novel tactics are being formulated, the report said, one of which was utilized by a threat actor tagged as DEV-0139 (a temporary identification name bestowed to an unknown cluster of threat activity until they are specified named).
We are also discerning more complex attacks wherein the threat actor exhibits great proficiency and preparation, taking steps to earn their target’s trust before initiating payloads, says the report.
Furthermore, DEV-0139 enlisted in a Telegram chat group to target crypto enterprise corporations. They promoted communication between VIP clients and crypto exchanges, then identified their target from among the members.
Consequently, The threat actors feigned as delegates of another crypto investment company, and in October 2022 enticed the target to a new chat group where they bluffed to ask for feedback on the fee system used by exchanges.
Unfortunately, The threat actors had a comprehensive knowledge of this specific part of the industry, implying that they were well prepared and conscious of the current challenge the targeted firms may have, the team said.