

Multiple exchanges hit by phishing emails; BTC worth over US$400,000 may have been stolen

2019-6-19 11:40 | Contributor: xiaotiger | Source: the Internet


Disclaimer: this site is a non-profit, public-interest IT technology education site. This article was reposted by a contributor from a publicly available article on the Internet, with the source noted at the end. Its content and image copyrights belong to the original site or author, and the views expressed do not represent those of this site. If there is any unintentional infringement or improper reposting, please contact us via the link at the bottom right of the site. Thank you for your cooperation.

Abstract: According to SlowMist, several cryptocurrency exchanges have recently reported to the SlowMist security team that they received extortion messages. The extortionists send the exchange an email or Telegram message claiming that the exchange has a vulnerability which, if attacked, will make the platform unreachable. To obtain the vulnerability report, the exchange must pay BTC to a designated address. However, several exchanges said that after they paid the BTC, the other party only sent a preliminary vulnerability report or did not reply ...

According to SlowMist, several cryptocurrency exchanges have recently reported to the SlowMist security team that they received extortion messages.

The extortionists send the exchange an email or Telegram message claiming that the exchange has a vulnerability which, if attacked, will make the platform unreachable. To obtain the vulnerability report, the exchange must pay BTC to a designated address. However, several exchanges said that after they paid the BTC, the other party only sent a preliminary vulnerability report or did not reply at all.

SlowMist partner and head of security Haizeiwang (海贼王) told 8btc (巴比特):

"So far, five exchanges have reported this situation to us. The extortionists use different email addresses or Telegram IDs to send extortion emails to the relevant people in charge at the exchange; the amounts demanded range from 0.1 BTC to 2 BTC, and different BTC addresses are used."

As of press time, according to incomplete statistics, the extortionists' Telegram IDs include @zed1331, @bbz12 and @samzzcyber, the email addresses include [email protected], and the BTC addresses include 3GQQt2zJnPAWvirym7pbwvNTeM5igGuKxy, which has received about 43.45 BTC (about US$404,100).

              1

Haizeiwang provided 8btc with the original text of the scam email (see the appendix at the end of this article). The email claims that "the exchange has a 'web service integer overflow' vulnerability which, once attacked, will cause the web server to crash and eventually become inaccessible ..... we can solve this kind of vulnerability ...... to obtain the vulnerability report, pay 2 BTC to the designated address."

Notably, the email also states that "as of 1 March 2019, about US$100,000 in bounties has been received; paying organisations include KuCoin, CoinSwitch, Phantasma, PlatonFinance, Vulnerability Analysis, STEX Exchange, XCOYNZ Project and others."

Haizeiwang told 8btc that after contacting the relevant person in charge at KuCoin, that person confirmed that a Telegram user had indeed reported a vulnerability (see the screenshot below), but KuCoin did not pay the 2 BTC bounty, and reminded everyone not to trust the scammers.

Screenshot provided by KuCoin's contact person

There is also a type of phishing email involving LinkedIn, roughly as follows:

              Hey, We have found a nefty integer overflow vulnerability on => https://www.xxx.com

              Attacker could alter webserver. I have experience working to upgrade security for large exchanges,like xxx, and would like to propose about this.

              May we go on to demonstrate this vuln?

              You can verify me as an security researcher on LinkedIn as follows: => https://www.linkedin.com/in/xxxxx/

Haizeiwang's analysis:

"The email contains a LinkedIn link. Because on LinkedIn you need to log in to a personal account to view profile information, when an exchange employee logs in to their own LinkedIn account to view the profile of the 'vulnerability submitter' (possibly the phishing attacker), the attacker can also see the exchange employee's information, and can use social platforms to obtain further information."

              2

In recent years the amount of money in the cryptocurrency market has exploded, and security risks, chiefly market-manipulation risk, trading-platform risk, scam risk and wallet risk, have become commonplace.

Besides the email phishing described above, other types of phishing include domain phishing (using a URL similar to the official site), Twitter "1 for 10" scams (pay 0.5-10 ETH to receive 5-100 ETH back), fake apps and fake staff.

So-called "phishing" refers to an attacker impersonating a trusted person or organisation and, via email, messaging software, social media or other channels, obtaining the recipient's username, password, private key or other secret information.

Haizeiwang believes that in this email phishing incident, some exchanges were taken in mainly because exchanges lack professional capability to assess security vulnerabilities, and isolated information leaves them unable to accurately judge the overall situation of the claimed vulnerability. He said,

"For an exchange, whether or not the other party has really found a vulnerability, as long as the price is right they are willing to pay and take the gamble. If the gamble pays off, the exchange avoids one PR crisis from a disclosed vulnerability, or one possible attack on the platform; if it loses, the loss is small and bearable. The scammers exploit exactly this mindset of the exchanges."

For exchanges encountering a phishing attack for the first time, he advises:

"First, don't get excited and open any link or file in the content the attacker sent; it may contain a trojan. Second, don't transfer BTC to the attacker before they have clearly disclosed the vulnerability details. Finally, an exchange that cannot make an accurate judgement or handle it on its own can contact a security company for assistance."

Appendix (original text of the phishing email):

              It's more like an vulnerability which allows an attacker to crash the webserver of the following website. "Integer -overflow" related. The attack vector itself holds a huge security risk, when exploited, the webserver could crash due to it, and eventually be unreachable. The flaw has been done through exploitable web elements on your website.

              Our proposal is based on information-security (infosec) regarding cybersecurity.

              Confidentiality: assist infosec wisely to implement firewalls, intrusion detectors and prevention technologies to ensure reliable provided service. (not actual server access required.)

              Availability: In order to ensure that I would have infosecurity on redundancy and backups, when/if one of the servers is down, the second server would replace it and ensure that the services are up and running without any downtime.

              General knowledge => This type of attack as demonstraded are based on exploiting website elements: these can include forms, direct webserver exploit, or DNS leaking for the actual backend server, which gives an malicious attacker multiple chances to work with.

              We'd address the required knowledge needed to counter this type of threats.

              These following items listed below are our main focuses what we will send reports to regarding, next to every "to be addressed" phase;

              We have added in a short meaning on what does it include as can be seen.

• The audit process 1.1 Audit planning & preparation 1.2 Establishing audit objectives 1.3 Performing the review 1.4 Issuing the review report

• The audit System 2.1 Networking Security 2.2 Backend Installation / Security 2.3 API Audition 2.4 CDN + Anti malicious attacks protection 2.5 Code Audit: checking vulnerability in any PHP / ASP / JS code

              Vouches by companies:

[Make sure to check the provided link for vouch.]
1. KuCoin => https://i.imgur.com/y0AXMCn.jpg
2. CoinSwitch => https://i.imgur.com/l8D8g9p.jpg (CoinSwitch Contract example => https://i.imgur.com/P2hMNxD.jpg)
3. Phantasma => https://i.imgur.com/y1QCOuL.jpg
4. PlatonFinance => https://i.imgur.com/189Ejdz.jpg
5. Vulnerability Analysis (just an example) => https://i.imgur.com/V0C19KZ.jpg and many more.
6. STEX Exchange paid 3 BTC for our infosec and analysis: => https://m.imgur.com/18tAXah
7. Proof of Kucoin Payment to us: https://i.imgur.com/trBbVKP.jpg
8. XCOYNZ Project: https://i.imgur.com/UbUliaI.jpg

              Proof of compensations: Different companies which some included be seen in multiple vouches above, have rewarded me almost total of [$ 102,783.91 USD on 01/03/2019 rate for security related bounties, cybersecurity, demonstrations, and different VA reports.

              Pricing for the Infosec/Audit offered: => 2 BTC

              To make it clear the price will be one-time payment and afterwards there won't be any charge. You can consult us further at anytime
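As an added example (not SlowMist's, 8btc's or this site's code), the Python script below turns Haizeiwang's advice and the traits of the appended email into a triage heuristic for unsolicited "vulnerability reports" arriving at a security mailbox: a Bitcoin address or BTC price in the message, payment raised before any reproducible detail, image-host screenshots offered as "vouches", a request to view a social profile, and a generic overflow/crash claim with no specifics. Both sample messages are constructed; the address is the one the article reports, every other URL is a placeholder, and the weights and threshold are this example's own choices, not an industry standard.

```python
import re
from dataclasses import dataclass, field

# Bitcoin address shapes: legacy / P2SH base58 (starts with 1 or 3) and bech32 (bc1...).
BTC_ADDR = re.compile(r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[a-z0-9]{25,60})\b")
BTC_AMOUNT = re.compile(r"\b\d+(?:\.\d+)?\s*BTC\b", re.I)
PAYMENT_WORDS = re.compile(r"\b(?:pay|payment|pricing|price|bounty|reward|compensation)\b", re.I)
IMAGE_HOST_LINK = re.compile(r"https?://(?:[im]\.)?imgur\.com/\S+", re.I)
SOCIAL_PROFILE_LINK = re.compile(r"https?://(?:www\.)?linkedin\.com/in/\S+", re.I)
VAGUE_BUG_CLAIM = re.compile(r"integer\s*-?\s*overflow|crash the webserver|unreachable", re.I)
# What a genuine report normally carries: reproduction steps, a PoC, a concrete
# request / endpoint / parameter, or at least a path into the application.
TECHNICAL_DETAIL = re.compile(
    r"steps to reproduce|proof of concept|\bPoC\b|\brequest\b|\bendpoint\b"
    r"|\bparameter\b|\bpayload\b|/[a-z0-9_\-/]+\.(?:php|asp|js)\b",
    re.I,
)


@dataclass
class Verdict:
    score: int = 0
    indicators: list = field(default_factory=list)

    @property
    def likely_extortion(self) -> bool:
        # Threshold chosen for this example: two strong or several weak signals.
        return self.score >= 4


def triage(body: str) -> Verdict:
    """Score one message body; a higher score means more like pay-first extortion."""
    verdict = Verdict()
    has_detail = TECHNICAL_DETAIL.search(body) is not None

    def hit(indicator: str, weight: int) -> None:
        verdict.indicators.append(indicator)
        verdict.score += weight

    if BTC_ADDR.search(body):
        hit("bitcoin address in body", 2)
    if BTC_AMOUNT.search(body):
        hit("explicit BTC amount", 1)
    if PAYMENT_WORDS.search(body) and not has_detail:
        hit("payment discussed before any reproducible detail", 2)
    if IMAGE_HOST_LINK.search(body):
        hit("'vouches' are image-host screenshots rather than verifiable references", 1)
    if SOCIAL_PROFILE_LINK.search(body):
        hit("asks the reader to visit a social profile (sender learns who looked)", 1)
    if VAGUE_BUG_CLAIM.search(body) and not has_detail:
        hit("generic overflow/crash claim with no specifics", 1)
    return verdict


# Constructed sample modelled on the appended email. The address is the one the
# article reports; the other URLs are placeholders.
EXTORTION_SAMPLE = """Hey, we have found a nefty integer overflow vulnerability on => https://exchange.example
Attacker could alter webserver, when exploited the webserver could crash and eventually be unreachable.
You can verify me as a security researcher on LinkedIn: => https://www.linkedin.com/in/placeholder-profile/
Vouches by companies: 1. KuCoin => https://i.imgur.com/placeholder1.jpg
Pricing for the Infosec/Audit offered: => 2 BTC
Send payment to 3GQQt2zJnPAWvirym7pbwvNTeM5igGuKxy and the full report follows.
"""

# Constructed sample of what a genuine, reproducible report looks like.
GENUINE_SAMPLE = """Hi security team,
I found a reflected XSS in the site search on your public website.
Steps to reproduce:
1. Send GET /search.php?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E
2. The q parameter is echoed into the page unescaped.
Proof of concept request and a screenshot are attached.
I will follow your disclosure policy; no payment is expected unless your program offers a bounty.
"""

if __name__ == "__main__":
    for name, body in (("extortion-style", EXTORTION_SAMPLE), ("genuine-style", GENUINE_SAMPLE)):
        v = triage(body)
        print(f"{name}: score={v.score} likely_extortion={v.likely_extortion}")
        for indicator in v.indicators:
            print("  -", indicator)
```

The heuristic deliberately scores the absence of reproducible detail rather than the presence of scary words, because the appended email is long on "audit" vocabulary and short on anything an engineer could verify; a real report with steps to reproduce scores zero even when it mentions a bounty. Treat the output as a prompt for the second step of the advice above (ask for details before paying), not as an automatic verdict.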




This article is from: https://www.toutiao.com/a6703739056095756804/


