Hackers identified as DEV-0139 have focused their attention on big exchanges as well as small ones; businesses and exchange operators have been advised against downloading files with malicious content.
Microsoft Discovers New Hackers Tagged DEV-0139
A group of hackers known as DEV-0139 has employed a new hacking technique that targets major crypto exchanges and corporations through the social media messaging app Telegram. Microsoft's security division came across this tactic when it recently began looking into cybercrimes in the crypto area.
Large transaction fees charged by cryptocurrency exchanges have proven to be a significant problem for rich traders. The fees are seen as a cost that needs to be reduced in order to limit their impact on profitability.
According to records, exchanges stand out as the organizations in the sector that charge the highest fees.
The hackers used this as a leverage point, luring and misleading the exchanges they targeted.
The Hackers' Techniques
These hackers joined numerous Telegram channels that prominent clients and representatives of exchanges used to communicate and gather information. They targeted large firms, initiating conversation with representatives from exchanges including Binance.
DEV-0139 invited its targeted individuals to a different chat room while posing as a representative from one of the exchanges and enquiring about the structure put in place for fees.
Due to their extensive awareness and in-depth knowledge of the situation and business being discussed among the top clientele of numerous exchanges and organizations, they were able to interact successfully with the target and win their trust.
These hackers distributed a malicious Excel file that provided accurate information on the structure of exchange fees and was initially intended to increase the credibility of the exchange.
Once these clients download the distributed Excel file, a hidden malicious file is automatically downloaded onto their system; it retrieves information from the system and transfers it into another file.
Then, this Excel file will be run in a covert, undetectable manner, downloading files that will be used by the hackers.
A DLL file contains libraries of information and code that may be used by several programs at the same time, whereas an XOR file is one encrypted with a technique that makes the data difficult to decode.
Through the backdoor, the hackers were eventually able to access these exchanges' databases.