The holidays are here, and people are enjoying every second of them. However, malware operators also observe the holidays to perform as many cyberattacks as possible. The crypto industry has been hit before, but this time around, one of the world’s largest cryptocurrency mining pools, BTC.com, is the new victim.
The company is considered to be the seventh-biggest cryptocurrency mining pool in the world, which makes it a huge target for threat actors.
Unfortunately, with the right tools, these malware operators were able to infiltrate BTC.com’s systems and harvest a total of $3 million worth of crypto assets. What is this attack all about? How did the cybercriminals pull it off? Find out below.
BTC.com Hit Hard – Recovered Some, Lost A Lot
The crypto industry faced several attacks in the past year. Yes, 2022 wasn’t the year for cryptocurrency dealers, whatever country they reside in.
Several attempts to steal crypto have taken place, particularly attacks involving none other than the infamous Lazarus Group. Whether it’s a fake app or a direct attack, Lazarus has solidified its place as a top threat.
The threat actors’ malicious Christmas activities started early this year. In fact, the company detected the attack on December 3rd, 2022, and directly informed Chinese law enforcement in Shenzhen.
In a statement, BTC.com disclosed the data breach and said that the cyberattack allowed threat actors to harvest around $3 million in asset value owned by both the clients and the company:
“BTC.com, experienced a cyberattack on December 3, 2022. In the cyberattack, certain digital assets were stolen, including approximately US$700,000 in asset value owned by BTC.com’s clients, and approximately US$2.3 million in asset value owned by the Company.”
The company didn’t rest ever since the attack occurred. Apparently, it was able to recover some of the stolen cryptocurrency but did not disclose the amount.
“The Company reported this incident to law enforcement authorities in Shenzhen, China. Due to coordination locally and within the Company internally, some of BTC.com’s digital assets have already been secured.
On December 23rd, 2022, the authorities had launched an investigation, began collecting evidence, and had requested assistance from and coordination with relevant agencies. The Company will devote considerable efforts to recover the stolen digital assets.”
Bit Mining, the company that BTC.com is a subsidiary of, is a business that cryptocurrency mining, mining pool, data center operation, and more.
It has a huge number of clients, which shows how big this data breach is. While 3 million does not compare to other cyberattacks, it does, however, show that even the biggest companies are susceptible and vulnerable to such malicious practices.
BTC.com Breach – Client Fund Services Unaffected
While the breach did end up harvesting 3 million dollars worth of assets, the company claims it did not affect the client fund services.
Also, the company is implementing all the necessary precautions to prevent similar attacks in the future. However, despite the investigations, we did not know who was behind this entire attack or if they managed to get any private information.