272 hack event(s)
Description of the event: UL LLC (commonly known as Underwriters Laboratories) suffered a ransomware attack that encrypted its server and caused the server to shut down the system when it recovered. To prevent the attack from spreading further, the company shut down the system so that certain employees could not perform their work. According to sources familiar with the attack, UL decided not to pay the ransom, but to restore from backup.
Amount of loss: - Attack method: Ransomware
Description of the event: F2Pool was attacked by DDos, and some addresses experienced short-term failures, which have been restored.
Amount of loss: - Attack method: DDoS Attack
Description of the event: According to CryptoPotato, the ransomware group DoppelPaymer launched another attack, this time leaking sensitive data of KMA, the North American branch of automaker Kia Motors. Criminals demand Bitcoin to pay the ransom, and the total ransom may be as high as 600 Bitcoins (worth more than 30 million U.S. dollars). KMA stated that the company has experienced “IT outages involving internal, reseller, and customer-facing systems” and stated that it is working to resolve these issues. The ransom note left by the DoppelPaymer ransomware group stated that they had broken into KMA's system.
Amount of loss: - Attack method: Ransomware
Description of the event: On January 11, the Michigan state police claimed that an anonymous person mailed death threats to Governor Gretchen Whitmer and employees of the state in an attempt to collect $2 million worth of Bitcoin. The letter said that unless the governor transfers more than $2 million in cryptocurrency to him before January 25, the state employee will die. A Michigan State Police spokesperson responded that the threat was not credible.
Amount of loss: - Attack method: Ransomware
Description of the event: The Tor network was attacked and all v3 onion addresses were inaccessible. Darknetdaily posted that this seems to be a new type of attack that will affect the entire network and cause the consensus authorization node to overload. Hugbunter, the administrator of the dark web forum Dread, said that all v3 onion addresses are currently inaccessible. The cause of the accident is unknown, but it may cause a huge attack on the entire network. Hugbunter speculated that an article he published earlier might have spawned this attack. The article advocated that competitors in the market should be prevented from launching DDoS attacks against each other.
Amount of loss: - Attack method: Network Attack
Description of the event: On December 14th, the Procuratorate of Cordoba, Argentina prosecuted 12 scammers involved in the OneCoin cryptocurrency Ponzi scheme and ordered their arrests last Thursday. Eight of them have been arrested. It was previously reported that the OneCoin Ponzi scheme caused relevant investors to suffer a total of US$4.4 billion in financial losses from their investment in the project from April 2014 to March 2018.
Amount of loss: $ 4,40,000,000 Attack method: Scam
Description of the event: Foxconn was attacked by ransomware, which temporarily caused problems in its production facilities in Mexico and resulted in the theft of data. It is reported that the ransomware attack occurred on Thanksgiving weekend and the hacker was a DoppelPaymer group. The target of the attack was the Foxconn factory in Juarez, Chihuahua. About 1,200 servers were infected. 100GB of unencrypted files were stolen. The ransomware attack also caused 20TB to 30TB of backup data to be deleted. It is reported that the DoppelPaymer group demanded a ransom of 1804.0955 Bitcoin (approximately 220 million yuan) in exchange for an encryption key and promise not to publish the stolen data. Foxconn did not pay, and at least part of the data has been published on the dark web. In response, Foxconn responded that its factories in the Americas have indeed been attacked by cyber ransomware recently. At present, its internal information security team has completed software and operating system security updates, and at the same time improved the level of information security protection. At the same time, the affected factories are restoring the network, which has little impact on the group's overall operations.
Amount of loss: - Attack method: Ransomware
Description of the event: A user named Kazuo Kusunose posted on Google forums that he had lost $15,000 due to an encryption scam discovered in Google ads. Allegedly, the suspicious website named Coindaq.io tried to use the digital renminbi that China is studying, claiming that users can deposit funds on the platform to participate in the sale of digital renminbi. The victim expressed the hope that Google can investigate the matter and establish a webpage targeted at the alleged fraud.
Amount of loss: $ 15,000 Attack method: Scam
Description of the event: According to Spanish prosecutors, they are investigating Arbistar's alleged manipulation of a Bitcoin trading scam. The disappearance of investor funds has affected 32,000 households who cannot use their savings invested in Bitcoin trading platform Arbistar. Earlier, it was reported that crypto company Arbistar announced that it would close a trading tool called Community Bot. The operator said that all funds on the platform are currently frozen and prevent users from withdrawing funds. Allegedly, the amount stolen may exceed 100 million euros (120 million U.S. dollars), which may be the “largest scam in Spain” related to cryptocurrencies.
Amount of loss: $ 120,000,000 Attack method: Scam
Description of the event: Banco Estado Bank, one of the three largest banks in Chile, had to shut down its nationwide business on the 7th due to a cyber attack by REvil ransomware.
Amount of loss: - Attack method: Ransomware
Description of the event: It is said that hackers used the encrypted virus NetWalker to enter the database and steal information from federal agencies. The dark web payment page linked in the ransomware description shows that the hacker initially paid $2 million worth of bitcoin to unlock the file. Within a week, this number had increased to 355 BTC, which is approximately $3.62 million.The Argentine government refused to pay the ransom.
Amount of loss: - Attack method: Ransomware
Description of the event: Hackers carried out ransomware attacks against Tower Semiconductor Ltd (TSEM), a maker of wireless chips and camera sensors listed on the Israeli Nasdaq, and demanded hundreds of thousands of dollars in bitcoin ransoms. For safety reasons, TSEM shut down some running servers and suspended production in some factories.
Amount of loss: - Attack method: Ransomware
Description of the event: The well-known darknet market Empire Market has closed its operations. When it exited, the website defrauded about 2638 bitcoins from 1.3 million users, worth nearly 30 million U.S. dollars.
Amount of loss: $ 30,000,000 Attack method: Scam
Description of the event: The New Zealand Stock Exchange (NZX) went offline for two days in a row due to a cyber attack. NZX said on Tuesday it was first hit by a distributed denial of service (DDoS) attack from abroad. The emails threatening DDoS attacks came from Fancy Bear, a well-known Russian hacking group.
Amount of loss: - Attack method: DDoS Attack
Description of the event: According to Coindesk, a hacker has stolen more than 1,000 user data from crypto-tax service provider CryptoTrader.Tax and is trying to sell information on dark web forums.
Amount of loss: - Attack method: Information Leakage
Description of the event: The Hong Kong police arrested three men on suspicion of defrauding nearly 230,000 Hong Kong dollars (US$30,000) from Bitcoin ATMs. This is the first such case in Hong Kong. These exchanges suspect that criminals have used the “loopholes” of ATMs to withdraw cash without official authorization.
Amount of loss: $ 30,000 Attack method: Scam
Description of the event: Tencent Security Threat Intelligence Center has detected a large number of attacks originating from overseas IP and some domestic IP against domestic cloud server tenants. The attacker blasted into the server through SSH (port 22), and then executed malicious commands to download the Muhstik botnet Trojan. The botnet will control the compromised server to perform SSH lateral movement, download the Monero mining Trojan, and accept remote commands to launch DDoS attacks.
Amount of loss: - Attack method: Remote Intrusion
Description of the event: According to a tweet published by Jon Prosser on August 5, its YouTube channel with 262,000 subscribers was hacked, the channel name was changed to "NASA [news]", and a live broadcast about SpaceX CEO Elon Ma Skr gave false news of Bitcoin. In about two hours, the illegal profit was $4,000.
Amount of loss: $ 4,000 Attack method: Youtube was hacked
Description of the event: CWT, the fifth largest travel company in the United States, agreed to pay $4.5 million worth of bitcoin to hackers who hijacked its computer systems.
Amount of loss: $ 4,500,000 Attack method: Ransomware
Description of the event: In the early hours of this morning, many celebrity politicians and some companies' Twitter accounts were attacked by hackers, and these Twitter accounts all published relevant digital currency phishing scam information. However, the phishing information was deleted a few minutes after it was posted. As of now, the scammers have received 12.86 bitcoins in total.
Amount of loss: 12.86 BTC Attack method: Hacked account