Advanced APT attacks are frequent, and many digital currency exchanges have become hacker targets.

The Dimension Reduction Security Laboratory reported that senior hacker teams and even state-level hacker organizations have been active again in recent days. Many digital currency exchanges have been targeted by APT attacks, and the specific asset losses are still being tallied.

APT attack

APT attack definition: an advanced persistent threat (APT) attack, also known as a targeted threat attack, is an organization's sustained and effective attack on a specific target.

Such attacks are highly concealed and targeted, and often use a variety of means such as media, the supply chain and social engineering to carry out advanced, persistent and effective threats and attacks.

The nature of APT attacks: targeted, tightly organized, long-lasting, highly concealed and indirect.

Cases:

  1. In the DragonEx exchange security incident, the Dimension Reduction Security Laboratory was the first to get in touch with Longwang, and analyzed and confirmed the incident with Longwang. Customer service staff had obtained and opened an installation package for "transaction software" on Apple OS X, WbBot.dmg (SHA256 hash ****7DEC218E815A6EB399E3B559A8962EE46418A4E765D96D352335**** ****). The laboratory's technical analysis found that this installation package had been bundled with a backdoor. The hacker obtained internal personnel privileges through the backdoor in the installation package, penetrated the intranet and successfully obtained the digital currency wallet private key.

  2. The Dimension Reduction Security Laboratory received multiple reports of APT attacks from multiple exchanges. The laboratory's analysis concluded that the attacks were organized and premeditated, and specifically targeted senior technical staff or management personnel of the exchanges. The main process is as follows: the attackers operate and imitate normal quantitative trading software and, through the exchange's external customer service, use the promise of high profits and high returns to entice senior exchange staff to use it. The key software hides an encrypted backdoor; once the software is passed to a key computer and run there, it carries out a sequence of infiltration and hacking actions.

  3. The Dimension Reduction Security Laboratory warned that several trading platforms have become targets of state-level APT organizations. It was confirmed that the attack was carried out by state-level professional hackers, and the warning was selected for inclusion in the national think tank. The state-level hacker group Lazarus launched a continuous attack on digital currency trading platforms, and several large digital currency trading platforms were attacked to varying degrees. The hacker organization is linked to well-known attacks such as the 2014 Sony Pictures hacking incident, the 2016 Bangladesh Bank data breach and the "WannaCry" ransomware that swept the world in 2017.

APT defense

Recently, senior hacking teams and even state-level hacking organizations have been active again. Many digital currency exchanges have been hit by targeted APT attacks, and the specific asset losses are still being tallied. It is reported that since the beginning of the year, several exchanges have suffered huge asset losses from high-level APT attacks, mainly because of the lack of security awareness among external service personnel.

Experts at the Dimension Reduction Security Laboratory indicated that the following defense measures can be taken against APT attacks:

  1. Separate the internal network into isolated network segments.
  2. Isolate external service personnel by giving them physically separate machines for the internal and external networks.
  3. Use mature and effective trap-type security defense products, e.g. the face wall trap defense system.
  4. Use targeted penetration tests to conduct security checks on the exchange website and customer service.
