In the world of cryptocurrency, attacks on users' wallets are slowly becoming everyday. However, sometimes it happens that there is an attack that surprises everyone – it was this time.
According to Cointelegraph, the attack took place on 10 January around 11:00 UTC. The victim was an anonymous owner of Trezor's cryptocurrency portfolio (it's such a safe gadget to store cryptocurrency like a flash drive with a password).
The cheaters used a method called social engineering – it's a clever kind of fraud, where the attacker pretends to be a trusted person to extort classified information.
Attack course:
- Drought impersonated Trezor's technical support. Probably contacted the victim via e-mail, chat or phone – pretending to help solve some cryptocurrency problem.
- He convinced the victim to give a "phase seed" (a special string of 12 or 24 words, which is like the key to the entire cryptocurrency portfolio).
- When the impostor got access to the wallet, he immediately took control of it.
- He quickly transferred huge amounts: 1459 bitcoins (values around $ 139 million) and over 2 million litecoins ($153 million). Together, it's over $282 million.
- To cover the tracks, money was transferred to various blockschain networks, including ethernum, ripple (XRP) and Litecoin, using transaction anonymization tools. Then most have been transferred to Monoro, which provides super anonymity of the transaction and is difficult to track.
ZeroShadow, who monitors blockchain, reacted to the attack. In just 20 minutes, they blocked about $700,000 from theft. Unfortunately, the thieves at the time, they managed to hide most of the cryptocurrency in super anonymous Monoro.
Source: Cointelegraph.com
