Bitfinex, the largest exchange platform for Bitcoin, was recently breached in Hong Kong, and nearly 120,000 bitcoins worth approximately $72 million were stolen. Bitfinex has confirmed that the breach only affected bitcoin wallets and that other cryptocurrencies traded on the platform were unaffected. All trading, digital token deposits and withdrawals have been halted. Bitfinex’s website is offline and will remain that way during the investigation and while the company secures its environment.
References: Hackers have stolen £49 million worth of bitcoins | Bitfinex bitcoin exchange offline after potentially costly security breach | Bitcoin Worth $72M Was Stolen in Bitfinex Exchange Hack in Hong Kong
The latest version of Gozi has become more sophisticated and is targeting financial companies and banks, such as PayPal, ING Bank, and Bank of Tokyo.
Gozi uses web injection attacks that show a fake page on top of the original banking portal page. The unsuspecting user unknowingly enters their key to send their money to a "mule" designated by the malware operators. In addition, biometric information, such as how long the user takes to move from one input field to the next or the time between keystrokes, is sent to its control panel to bypass detection by systems based on user behavior.
References: New, active Gozi malware can evade web fraud detection, and is attacking global financial institutions | New Gozi Trojan Version Can Bypass Some Behavioral Biometrics Defenses | Gozi Ups Its Game in Global PayPal, Bank Attacks
*IP addresses provided by Recorded Future.