363 hack event(s)
Description of the event: Ishii, an employee of Tokyo Sony Life Insurance Company ("Sony Life"), allegedly misappropriated US$154 million when attempting to transfer funds between the company’s financial accounts. According to court documents, Ishii changed the transfer address of a Sony Life transaction to Silvergate bank account that you control. Ishii later converted funds into more than 3879 bitcoins through Coinbase. The Coinbase set up to automatically transfer all added funds to an offline cryptocurrency cold wallet with the bitcoin address bc1q7rhc02dvhmlfu8smywr9mayhdph85jlpf6paqu. However, on December 1, after cooperating with Japanese law enforcement agencies, the FBI seized 3789.16242937 BTC in Ishii's wallet after obtaining the private key. The Tokyo Metropolitan Police Department arrested the 32-year-old Ishii on the same day and alleged In mid-May, he was charged with a fraudulent remittance of 154 million U.S. dollars.
Amount of loss: - Attack method: Insider Manipulation
Description of the event: On May 7, 2021, Colonial Pipeline, the largest oil and gas pipeline operator in the United States, was targeted by a ransomware attack. The ransomware attack involved national critical infrastructure, which caused global shock and widespread concern. Was blackmailed to pay 5 million U.S. dollars worth of Bitcoin. Court documents show that the government recovered 63.7 bitcoins ($2.3 million).
Amount of loss: $ 2,700,000 Attack method: Ransomware
Description of the event: In response to users reporting that the official website of Hpool could not be opened, Hpool officially responded that the front end of the official website was attacked by DDOS.
Amount of loss: - Attack method: DDoS Attack
Description of the event: The Mask Network official stated that the contract address of the second round of ITO was attacked by robots, and the address has been officially blacklisted.
Amount of loss: - Attack method: Robot attack
Description of the event: Encrypted lending service Celsius has discovered a data breach in one of its third-party service providers, which has exposed the personal information of its customers. According to the email, the hacker gained access to the "third-party email distribution system" used by Celsius. Hackers use this information to send fraudulent emails and text messages to trick them into revealing the private keys of their funds. On April 14, Celsius users started reporting a fraudulent website claiming to be the official Celsius platform. Some users also receive text messages and emails claiming to be Celsius official, can link to the website, and prompt the recipient to enter sensitive information. It is reported that Celsius' competitor BlockFi suffered a similar data breach last spring.
Amount of loss: - Attack method: Information Leakage
Description of the event: Renowned computer maker Acer has been hit by a ransomware gang, REvil, demanding up to $50 million in XMR to decrypt the company's computers and not leak data on the dark web. The ransomware gang announced on their data breach website that they had compromised Acer and shared as evidence some images of allegedly stolen files for files containing financial spreadsheets, bank balances and bank communications .
Amount of loss: - Attack method: Ransomware
Description of the event: The community token platform TryRoll was suspected of being attacked, and the tokens issued based on it were sold in a large amount on Uniswap. Among them, WHALE lost 1,362 ETH, FWB lost 797 ETH, KARMA lost 155 ETH, JULIEN lost 115 ETH, hackers made a total of 2998 ETH, and 700 ETH was deposited in the mixed currency platform Tornado.Cash. In addition, Roll announced that it has raised $500,000 in funding for creators affected by this.
Amount of loss: 2,998 ETH Attack method: Private Key Leakage
Description of the event: CNA, one of the largest insurance companies in the United States, paid a ransom of US$40 million (approximately 257 million yuan) after being attacked by ransomware in March to regain control of its network. The company has confirmed that an organization named Phoenix is the perpetrator of this attack.
Amount of loss: $ 40,000,000 Attack method: Ransomware
Description of the event: Tether officially tweeted that forged documents allegedly "between Tether personnel and representatives of Deltec Bank & Trust and other institutions" are circulating online. In addition, Tether officially received a ransom request for sending 500 BTC to bc1qa9f60pved3w3w0p7snpxlnh5t4uj95vxn797a7 today. The sender stated that unless they receive Bitcoin before tomorrow, they will leak documents to the public in order to "destroy the Bitcoin ecosystem." Tether said it will not pay the ransom. And remind customers, employees, and the encryption community to stay vigilant and ensure operational safety. Tether stated that it has reported falsified communications and related ransom demands to law enforcement.
Amount of loss: - Attack method: Ransomware
Description of the event: The game ecosystem platform SeascapeNetwork stated that the private key of an early investor was stolen after the token was released today, which led to hackers obtaining 18,750 CWS in the investor's wallet. According to Etherscan data verification, this address has changed all CWS to ETH, and then recharged it to the Ethereum mixing platform Tornado.Cash several times, which is close to 330 ETH, which is equivalent to USD 500,000.
Amount of loss: $ 500,000 Attack method: Private Key Leakage
Description of the event: The 70 GB data of Gab, a social networking platform that supports Bitcoin, was hacked. Gab has handed over the hacked data to the reporting website Distributed Denial of Secrets. Emma Best, founder of Distributed Denial of Secrets, said that the hacked data included public posts, personal information and passwords, and private account posts and messages.
Amount of loss: - Attack method: Information Leakage
Description of the event: UL LLC (commonly known as Underwriters Laboratories) suffered a ransomware attack that encrypted its server and caused the server to shut down the system when it recovered. To prevent the attack from spreading further, the company shut down the system so that certain employees could not perform their work. According to sources familiar with the attack, UL decided not to pay the ransom, but to restore from backup.
Amount of loss: - Attack method: Ransomware
Description of the event: F2Pool was attacked by DDos, and some addresses experienced short-term failures, which have been restored.
Amount of loss: - Attack method: DDoS Attack
Description of the event: According to CryptoPotato, the ransomware group DoppelPaymer launched another attack, this time leaking sensitive data of KMA, the North American branch of automaker Kia Motors. Criminals demand Bitcoin to pay the ransom, and the total ransom may be as high as 600 Bitcoins (worth more than 30 million U.S. dollars). KMA stated that the company has experienced “IT outages involving internal, reseller, and customer-facing systems” and stated that it is working to resolve these issues. The ransom note left by the DoppelPaymer ransomware group stated that they had broken into KMA's system.
Amount of loss: - Attack method: Ransomware
Description of the event: On January 11, the Michigan state police claimed that an anonymous person mailed death threats to Governor Gretchen Whitmer and employees of the state in an attempt to collect $2 million worth of Bitcoin. The letter said that unless the governor transfers more than $2 million in cryptocurrency to him before January 25, the state employee will die. A Michigan State Police spokesperson responded that the threat was not credible.
Amount of loss: - Attack method: Ransomware
Description of the event: The Tor network was attacked and all v3 onion addresses were inaccessible. Darknetdaily posted that this seems to be a new type of attack that will affect the entire network and cause the consensus authorization node to overload. Hugbunter, the administrator of the dark web forum Dread, said that all v3 onion addresses are currently inaccessible. The cause of the accident is unknown, but it may cause a huge attack on the entire network. Hugbunter speculated that an article he published earlier might have spawned this attack. The article advocated that competitors in the market should be prevented from launching DDoS attacks against each other.
Amount of loss: - Attack method: Network Attack
Description of the event: On December 14th, the Procuratorate of Cordoba, Argentina prosecuted 12 scammers involved in the OneCoin cryptocurrency Ponzi scheme and ordered their arrests last Thursday. Eight of them have been arrested. It was previously reported that the OneCoin Ponzi scheme caused relevant investors to suffer a total of US$4.4 billion in financial losses from their investment in the project from April 2014 to March 2018.
Amount of loss: $ 4,40,000,000 Attack method: Scam
Description of the event: Foxconn was attacked by ransomware, which temporarily caused problems in its production facilities in Mexico and resulted in the theft of data. It is reported that the ransomware attack occurred on Thanksgiving weekend and the hacker was a DoppelPaymer group. The target of the attack was the Foxconn factory in Juarez, Chihuahua. About 1,200 servers were infected. 100GB of unencrypted files were stolen. The ransomware attack also caused 20TB to 30TB of backup data to be deleted. It is reported that the DoppelPaymer group demanded a ransom of 1804.0955 Bitcoin (approximately 220 million yuan) in exchange for an encryption key and promise not to publish the stolen data. Foxconn did not pay, and at least part of the data has been published on the dark web. In response, Foxconn responded that its factories in the Americas have indeed been attacked by cyber ransomware recently. At present, its internal information security team has completed software and operating system security updates, and at the same time improved the level of information security protection. At the same time, the affected factories are restoring the network, which has little impact on the group's overall operations.
Amount of loss: - Attack method: Ransomware
Description of the event: A user named Kazuo Kusunose posted on Google forums that he had lost $15,000 due to an encryption scam discovered in Google ads. Allegedly, the suspicious website named Coindaq.io tried to use the digital renminbi that China is studying, claiming that users can deposit funds on the platform to participate in the sale of digital renminbi. The victim expressed the hope that Google can investigate the matter and establish a webpage targeted at the alleged fraud.
Amount of loss: $ 15,000 Attack method: Scam
Description of the event: According to Spanish prosecutors, they are investigating Arbistar's alleged manipulation of a Bitcoin trading scam. The disappearance of investor funds has affected 32,000 households who cannot use their savings invested in Bitcoin trading platform Arbistar. Earlier, it was reported that crypto company Arbistar announced that it would close a trading tool called Community Bot. The operator said that all funds on the platform are currently frozen and prevent users from withdrawing funds. Allegedly, the amount stolen may exceed 100 million euros (120 million U.S. dollars), which may be the “largest scam in Spain” related to cryptocurrencies.
Amount of loss: $ 120,000,000 Attack method: Scam