Beautiful Virgin Islands

Wednesday, Jul 08, 2026

north korea hackers

East European Hackers Steal Over $200M from Cryptocurrency Exchanges, Targeting US, Japan

CryptoCore, believed to operate out of Eastern Europe, is now the second group which repeatedly targeted cryptocurrency exchanges during the past few years

An unknown cyber group from eastern Europe has stolen $70 million from Israel cryptocurrency exchanges, revealed cyber-security company ClearSky. The report said the crypto cyber gang, dubbed as "CryptoCore," has robbed cryptocurrency exchanges worth $200 million, especially focusing on Japan and the U.S.

As per the report, the ClearSky has been tracking the CryptoCore group campaigns for almost two years, with no conclusive understanding of the operators' origin. However, the company assessed with a medium level of certainty that the group has links to the East European region, Ukraine or Russia.

Or Blatt, Research Team Leader at ClearSky said they linked CryptoCore to five successful hacks and have noticed the group to target another 10 to 20 cryptocurrency exchanges. Some of the operations by the threat actors have been previously documented in several reports identifying the group as "Dangerous Password" and "Leery Turtle [PDF]."

But as per the Israeli security firm, CryptoCore's operations have been more ample and widespread than previously documented. In the report, the security firm clarified that,

"Cryptocurrency exchanges have become targets for constant attacks... Threat actors of all kinds try to infiltrate corporate networks for reconnaissance, ransomware deployment, and plainly to steal money from those exchanges, specifically from their 'hot' (i.e. active, connected) wallets"

The Tactics Are Same


As per the ClearSky despite operating for almost two years, the attacking tactics are almost the same, with a little variation. All attacks start with an information gathering stage during which the cybercriminals collect the required information to target an exchange's management, IT staff, and other employees.

They usually launch the first phishing attacks against personal email accounts, rather than the corporate ones, as they are less secure. ClearSky said that it is just a matter of hours to weeks until the spear-phishing email is sent to a corporate email account of an exchange's executive. The attacks are typically carried out by impersonating a high-ranking staff either from the target organization or from another organization with connections to the targeted employee.



The ultimate goal is to plant malware on an employee's system and gain access to a password manager account. The hackers from CryptoCore will use those passwords to access accounts and wallets, disable two-factor authentication systems, and then start transferring funds out of the exchange's "hot wallets."

While North Korea bases hackers have been the biggest threat to the cryptocurrency exchanges, CryptoCore is now the second group that has repeatedly targeted cryptocurrency exchanges during the past three to four years. However, the United Nation's panel on threat intelligence released a report which said that North Korean hackers stole around $571 million from at least five cryptocurrency exchanges in Asia between January 2017 and September 2018.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Federal Financial Framework Shifts as Treasury Launches Universal Savings Program for Minors
French Court Allows Le Pen to Run for Presidency, but with an Electronic Tag: "I Will Appeal, and I Will Run"
$1.4 Trillion: The Lawsuit That Could Crush Meta
Europe's Growing Struggle with Extreme Heat and Air Conditioning
UK Daily Briefing: Legal Developments and Social Issues
Political Turmoil and Rising Costs
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
Deep Purple Has Released Its Best Album in Decades
Microsoft Lays Off 4,800 Employees and Xbox Suffers the Hardest Blow
Morocco and France Advance as 2026 FIFA World Cup Enters Quarterfinals.
Historic 2026 Tour de France Opens in Barcelona With Revamped Team Time Trial.
Global Mergers and Acquisitions Approach $4 Trillion Defying Geopolitical Tumult.
Negotiators Advance 20-Point Framework for Gaza Ceasefire and Demilitarization.
OECD Warns Middle East Conflict Will Depress Global Economic Growth.
Ukrainian Drones Strike Major Oil Terminal in St. Petersburg.
World Meteorological Organization Issues Urgent Alert Over Rapidly Intensifying El Niño.
United States Commemorates 250th Anniversary With Diplomatic Summits and Global Flotilla.
Iran Begins Days-Long Funeral for Supreme Leader Khamenei Amid Strait of Hormuz Standoff.
Technology giant reports surging carbon emissions driven by artificial intelligence infrastructure demands.
Artificial intelligence adoption accelerates workforce reductions across the technology and financial sectors.
Global technology and financial conglomerates collaborate to launch a new stablecoin standard.
United States regulators lift export restrictions on a major frontier artificial intelligence model.
Luxury bags take over the World Cup: style, status symbol, or just showing off?
×