![]() ![]() ( SecurityAffairs – coincheck, cybersecurity) Coincheck will use its own funds to reimburse about 46.3 billion yen to its 260,000 customers who were impacted by the cyberheist. In January 2018 Coincheck was hacked and attackers stole $400 million.Ī few days after the hack, the company announced it will refund about $400 million to customers after the hack. ![]() The spear-phishing messages likely instructed users to verify their account information, then the attackers were planning to use this data to take over the customers’ accounts and siphon their funds.Īt the time of publishing this post, the company is not aware of abuses of information obtained with spare-phishing attacks either of the theft of customers’ funds. Information that may have been leaked in the security breach is the email address written in the recipient and information written in the customer’s email.Īttackers sent spear-phishing messages to some users posing as the domain and redirecting the replies of the customers to the servers under their control. The two domain names differ for an extra 0 prefixed to 61. (例) 本物 awsdns-61org → 偽物 awsdns-061org- Masafumi Negishi June 3, 2020Ĭoincheck uses Amazon’s managed DNS service, the attackers first registered a fake domain to the AWS server and replaced the legitimate with. ![]() “The bug of “ Navi” will be fixed on June 2nd.”Īccording to the Japanese security expert Masafumi Negishi, threat actors modified the primary DNS entry for the domain. It turned out that the information (email address) was rewritten.” reads the advisory published by. After investigating this, a malicious third party was able to use your ID and the bug (*) that could alter the communication on your Navi. “There was a case where the management screen of the customer who used Ome.com was accessed illegally and the registered information was rewritten. also confirmed the incident in a separate advisory about issues in Navi customer’s domain and server management tool. Coincheck detected the security breach after observing traffic abnormalities, it also confirmed that approximately 200 customers have been impacted in the security incident. The attack took place between May 31 and June 1, when hackers gained access to Coincheck’s account at and attempted to contact the customers of the platform. The company only halted remittance operations while other operations, including deposits and withdrawals, have not been suspended. “The domain registration information has been amended at around 20:52 on June 1, 2020, and there is no impact on the customer’s assets at this time.” “Approximately 12:00 on June 1, 2020, as a result of detecting an abnormality in the monitoring work and starting an investigation, from around 0:05 on May 31, 2020, in our account in “Ome.com”, It was confirmed that the domain registration information was changed by a third party. As a result of this event, it was revealed that some emails received from customers during the period from May 31 to Jcould be illegally obtained by a third party.” reads a press release published by the company. Then the attackers used the hijacked domain to launch spear-phishing attacks against some of its customers. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the domain registrar and hijacked one of its domain names. Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |