Arab Press

بالشعب و للشعب
Friday, Aug 22, 2025

north korea hackers

East European Hackers Steal Over $200M from Cryptocurrency Exchanges, Targeting US, Japan

CryptoCore, believed to operate out of Eastern Europe, is now the second group which repeatedly targeted cryptocurrency exchanges during the past few years

An unknown cyber group from eastern Europe has stolen $70 million from Israel cryptocurrency exchanges, revealed cyber-security company ClearSky. The report said the crypto cyber gang, dubbed as "CryptoCore," has robbed cryptocurrency exchanges worth $200 million, especially focusing on Japan and the U.S.

As per the report, the ClearSky has been tracking the CryptoCore group campaigns for almost two years, with no conclusive understanding of the operators' origin. However, the company assessed with a medium level of certainty that the group has links to the East European region, Ukraine or Russia.

Or Blatt, Research Team Leader at ClearSky said they linked CryptoCore to five successful hacks and have noticed the group to target another 10 to 20 cryptocurrency exchanges. Some of the operations by the threat actors have been previously documented in several reports identifying the group as "Dangerous Password" and "Leery Turtle [PDF]."

But as per the Israeli security firm, CryptoCore's operations have been more ample and widespread than previously documented. In the report, the security firm clarified that,

"Cryptocurrency exchanges have become targets for constant attacks... Threat actors of all kinds try to infiltrate corporate networks for reconnaissance, ransomware deployment, and plainly to steal money from those exchanges, specifically from their 'hot' (i.e. active, connected) wallets"


The Tactics Are Same


As per the ClearSky despite operating for almost two years, the attacking tactics are almost the same, with a little variation. All attacks start with an information gathering stage during which the cybercriminals collect the required information to target an exchange's management, IT staff, and other employees.

They usually launch the first phishing attacks against personal email accounts, rather than the corporate ones, as they are less secure. ClearSky said that it is just a matter of hours to weeks until the spear-phishing email is sent to a corporate email account of an exchange's executive. The attacks are typically carried out by impersonating a high-ranking staff either from the target organization or from another organization with connections to the targeted employee.

The ultimate goal is to plant malware on an employee's system and gain access to a password manager account. The hackers from CryptoCore will use those passwords to access accounts and wallets, disable two-factor authentication systems, and then start transferring funds out of the exchange's "hot wallets."

While North Korea bases hackers have been the biggest threat to the cryptocurrency exchanges, CryptoCore is now the second group that has repeatedly targeted cryptocurrency exchanges during the past three to four years. However, the United Nation's panel on threat intelligence released a report which said that North Korean hackers stole around $571 million from at least five cryptocurrency exchanges in Asia between January 2017 and September 2018.

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Trump Backs Putin’s Land-for-Peace Proposal Amid Kyiv’s Rejection
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
United States Sells Luxury Yacht Amadea, Valued at Approximately $325 Million, in First Sale of a Seized Russian Yacht Since the Invasion of Ukraine
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
Australia to Recognize the State of Palestine at UN Assembly
The Collapse of the Programmer Dream: AI Experts Now the Real High-Earners
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Germany Seeks Taliban Deal to Deport Afghan Migrants
Emirates Airline Expands Market Share with New $20 Million Campaign
Robots Compete in Football Tournament in China Amid Injuries
×