China’s underground networks were ready for Bybit incident, analysts say
The quick laundering of over $400 million from Bybit’s hack suggests North Korea may have expanded its operations, analysts say. Over $400 million from Bybit’s $1.46 billion incident was laundered in just days, with analysts at blockchain forensic firm TRM Labs now raising serious concerns that North Korea may have expanded its laundering operations.
China’s underground networks
In a Feb. 27 blog post, the analysts pointed out that Bybit’s attackers moved nearly half a billion in less than a week, using intermediary wallets, crypto swaps, decentralized exchanges, and cross-chain bridges to hide the trail.
“This rapid laundering suggests that North Korea has either expanded its money laundering infrastructure or that underground financial networks, particularly in China, have enhanced their capacity to absorb and process illicit funds.”
The analysts note that North Korean hackers typically use crypto mixers to hide stolen funds before cashing out. But the scale of the Bybit incident has forced them to adopt new methods. Instead of mixers, they are now using multiple wallets and decentralized platforms to obscure the money trail.
Initially, some stolen Ethereum was sent through BNB Chain and Solana. Now, most of it has been sent to the Bitcoin network. Despite the quick laundering, much of the Bitcoin remains untouched, suggesting the attackers are preparing for large-scale liquidation through OTC networks, the analysts suggest.
Bybit lost $1.46 billion in a multi-stage attack, which security experts link to Safe Wallet. The attackers reportedly compromised a Safe{Wallet} developer’s device, tricking Bybit’s Safe wallet owner into signing a malicious transaction.
Byte Federal incident
A United States Bitcoin ATM operator, Byte Federal, recently disclosed a cyber incident. This incident was caused by a GitLab vulnerability and led to the exposure of 58,000 users.
Byte Federal became aware of the unauthorized access on November 18th and shut down the platform in order to contain the malicious actor. According to Byte Federal, there has been no evidence that personal data was compromised, nor that user assets or funds were lost. However, user data was subject to the unauthorized access attempt, which includes:
- Names
- Dates of birth
- Address
- Phone number
- Email address
- Transaction activity
- Government identification
- Social Security Number
- User photographs
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, comments, “It seems like Byte Federal is doing all the right things in response to this security breach. Other companies should take note. My biggest worry would be a user's funds or private keys being compromised, but this doesn't appear to have happened, and that's a good thing. Although, the information the attacker did have access to could easily be used in sophisticated spear phishing attacks using crypto-related themes. That's really the only remaining worry. Byte Federal customers have to understand that some attackers intent on stealing their crypto value could use learned information against them in sophisticated phishing attacks and act accordingly.”