Report: Record-Breaking Coincheck Hack Perpetrated by Virus Tied to Russian Hackers

The personal computers of Coincheck workers have allegedly been found to have been infected by a virus associated with Russian hackers.

The personal computers of workers at hacked Japanese crypto exchange Coincheck have allegedly been found to have been infected by a virus associated with a hacker group of Russian origin. The allegation was reported by Cointelegraph Japan on June 16.

As Cointelegraph has reported, in January 2018, Coincheck suffered an industry record-breaking hack when $534 million worth of NEM was stolen from its wallets.

Cointelegraph Japan cites a report from Japanese media agency Asahi Shimbun, which claims that fresh research has cast doubt on prior assumptions that the high-profile hack had been perpetrated by attackers with a North Korean connection.

Experts are now considering the possibility that the crime was committed by “an unknown group of hackers,”  Cointelegraph Japan notes.

According to Asahi Shimbun, “Mokes” and “Netwire” viruses have been identified in recent investigations into workers’ personal computers, which may have been disseminated via an email that installed the viruses to gain unauthorized access to the exchange’s private keys.

Given that both viruses are known to have been previously deployed by Russian hackers, a United States expert told the media agency:

“From the analysis of the virus, Eastern Europe and Russia may be related to the server criminal group of the base.”

As Asahi Shimbun reports, both viruses enable hackers to take over the infected PC and operate it remotely. While Morks was first promoted on a Russian forum in June 2011, Netwire is reported to have been known to cybersecurity investigators for 12 years.

As reported this May, as yet unidentified hackers used phishing and viruses to withdraw 7,000 bitcoin (BTC) from compromised Binance hot wallets in a premeditated attack that went undetected by the exchange’s security systems.

This spring, a South Korean cybersecurity firm claimed that North Korean hackers were behind a phishing scam targeting users of South Korean cryptocurrency exchange UpBit.

Visit the USSA News store!
Click this link for the original source of this article.
Author: Marie Huillet


This content is courtesy of, and owned and copyrighted by, https://cointelegraph.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact the USSANews.com administrator by using the contact form located in the top-left menu. Your request will be immediately honored. Please visit https://cointelegraph.com for more terrific, conservative content. The owner of this website may be paid to recommend American Bullion. The content of this website, including the positive review of American Bullion, the negative review of its competitors, and any other information may not be independent or neutral.

USSANews.com USSANews.com