A cyber-attack against–Bithumb–one of South Korea’s largest cryptocurrency exchanges and one of the five largest in the world—has reaped access to the data of 30,000 users and drained their accounts in the process. Bithumb is one of the biggest ethereum exchanges by volume in South Korea, representing more than 44 percent of trading in that country.
The Korea Internet and Security Agency is investigating the incident that occurred on June 30 when an intruder obtained access to Bithumb’s system through the hacking of an employee’s home PC. The incident affected 3 percent of Bithumb’s users.
The data that was compromised in the incident included users’ names, mobile telephone numbers and email addresses. In addition, some users’ disposable password used in financial transactions was also compromised. This led to the draining of some of those users’ accounts.
The hackers used “voice phishing” (vishing), which is when the hacker directly contacts the company on the telephone, poses as an executive and tries to get information from an unsuspecting employee—including usernames, passwords and security codes or answers to security questions in order to gain access to the company’s system.
In this case, it is being reported that the attacker posed as an executive of Bithumb in a telephone call, claimed that suspicious activity was found on the account, and asked for the credentials so he could fix it. The victim complied and the hacker gained access to account information and thereafter drained multiple financial accounts of users.
Bithumb is offering to compensate victims and is continuing to investigate the incident.
The lesson is that hackers and criminals are very bold and using new techniques to steal. We talk a lot about email phishing and spear phishing, but vishing should not be overlooked. Employee education is important in alerting employees to these sophisticated techniques.