Chinese Gov’t Hackers Are Targeting Crypto Companies: Report

Published at: Aug. 7, 2019

Chinese state hackers are performing attacks against cryptocurrency and video game enterprises, cybersecurity company FireEye claims in a report published on Aug. 2.

Chinese government facilitating hacking operations

Per the report, Chinese state espionage cyber unit APT41 “targets industries in a manner generally aligned with China's Five-Year economic development plans.” Still, FireEye researchers claim that “the group is also deployed to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.”

Industries targeted by the unit reportedly include healthcare, high technology (semiconductors, batteries, and electric vehicles), media, pharmaceuticals, retail, software, telecommunications, travel services, education, video games and cryptocurrencies.

The targeted countries include France, India, Italy, Japan, Myanmar, the Netherlands, Singapore, South Korea, South Africa, Switzerland, Thailand, Turkey, the United Kingdom, the United States and Hong Kong.

APT41 targeted a crypto exchange

FireEye claims that in June last year APT41 sent malicious emails to a blockchain gaming startup. In October 2018, the group maliciously deployed an instance of XMRig, a Monero (XMR) mining tool. An email address used in an espionage operation against a Taiwanese newspaper was reportedly later used to target a cryptocurrency exchange in June 2018.

Furthermore, FireEye claims to have found code overlaps between malware used by APT41 in May 2016 targeting of a U.S.-based game development studio and the malware observed in supply chain compromises in 2017 and 2018. 

The report also notes that the group also deployed ransomware in at least one instance. Though some of the attacks were not commissioned by the Chinese state. The report says:

“Unlike other observed Chinese espionage operators, APT41 conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests. The late-night to early morning activity of APT41's financially motivated operations suggests that the group primarily conducts these activities outside of their normal day jobs.”

As Cointelegraph reported in June, the personal computers of employees at hacked Japanese crypto exchange Coincheck have allegedly been found to have been infected by a virus associated with a hacker group of Russian origin.

Tags
Related Posts
New Zealand Police Say Cryptopia Is Ready to Resume Trading, but Platform Remains Offline
The New Zealand Police have reported that recently hacked crypto exchange Cryptopia is ready to be relaunched and resume operations, Auckland-based news agency The New Zealand Herald reports on Feb. 13. Detective inspector Greg Murton reportedly said that the main part of the work required by the High Tech Crime Group at Cryptopia's business premises in Christchurch has been mostly finished, claiming that Cryptopia management now have full access to their facilities and business premises. The inspector stated that the police are not preventing Cryptopia from resuming their operations, and reportedly declined to specify on whether or when charges might …
Altcoin / Feb. 13, 2019
Analysis: Hackers Liquidated $3.2 Million in Tokens From Cryptopia Hack
$3.2 million in tokens stolen from New Zealand-based cryptocurrency exchange Cryptopia have been liquidated on major cryptocurrency exchanges, according to a tweet from blockchain analytics firm Elementus on Feb. 4. The hack, which is seemingly the first major security breach of 2019, was announced by the platform on Jan. 15. The exchange said that the hack occurred on Jan. 14. Cryptopia initially told users it was undergoing unscheduled maintenance, issuing several updates before officially reporting the breach. On Jan. 20, Elementus reported that as much as $16 million worth of Ethereum (ETH) and ERC20 tokens were stolen. The attack continued …
Altcoin / Feb. 8, 2019
Bitmart hacked for $200M following Ethereum, Binance Smart Chain exploit
The $200 million Bitmart hack was first revealed by Peckshield, a blockchain security and data analytics company, who initially identified a transfer of roughly $100 million over the Ethereum blockchain. Further investigation from the team revealed a concurrent hack of $96 million over the crypto exchange’s BSC reserves: Crypto exchange Bitmart lost nearly $200 million in a hot wallet compromise hosted over the Ethereum (ETH) and Binance Smart Chain (BSC) blockchains. Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on …
Blockchain / Dec. 5, 2021
Huobi and Shiba Inu community to help BitMart overcome $200M hack
Following a near $200 million hack on the BitMart exchange, the Shiba Inu (SHIB) community and crypto exchange Huobi Global aim to help the exchange strengthen security and track inflows of stolen assets. On Dec. 5, crypto exchange BitMart became victim to a hot wallet compromise hosted over the Ethereum (ETH) and Binance Smart Chain (BSC) blockchains. As a result, the hackers were able to steal over $196 million, roughly $100 million over the Ethernet network and around $96 million over the BSC blockchain. 1/3 We have identified a large-scale security breach related to one of our ETH hot wallets …
Blockchain / Dec. 6, 2021
OTC crypto shops flood Hong Kong, but regulations may impact their presence
Hong Kong, one of the most significant and leading financial centers in the world, has played a large role in the development of cryptocurrencies. For instance, the Chinese territory has birthed some of the most established and successful crypto companies to date including the crypto derivatives exchange FTX, along with the digital asset platform Crypto.com. Yet, as trillions of dollars are traded regularly through crypto exchanges founded in Hong Kong, the “Vertical City” also contains an abundance of physical over-the-counter crypto shops as well. Henri Arslanian, PwC crypto lead and former chairman of the Fintech Association of Hong Kong, told …
Bitcoin / Oct. 24, 2021