Tag Archive for: Exchange

Crypto exchange hacker gets jail time



Source…

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts


Apr 13, 2024 | Newsroom | Cryptocurrency / Regulatory Compliance


A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million.

Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his arrest in July.

“At the time of both attacks, Ahmed, a U.S. citizen, was a senior security engineer for an international technology company whose resume reflected skills in, among other things, reverse engineering smart contracts and blockchain audits, which are some of the specialized skills Ahmed used to execute the hacks,” the U.S. Department of Justice (DoJ) noted at the time.


While the name of the company was not disclosed, he was residing in Manhattan, New York, and working for Amazon before he was apprehended.

Court documents show that Ahmed exploited a security flaw in an unnamed cryptocurrency exchange’s smart contracts to insert “fake pricing data to fraudulently generate millions of dollars’ worth of inflated fees,” which he was able to withdraw.

Subsequently, he initiated contact with the company and agreed to return most of the funds except for $1.5 million if the exchange agreed not to alert law enforcement about the flash loan attack.

It’s worth noting that CoinDesk reported in early July 2022 that an unknown attacker returned more than $8 million worth of cryptocurrency to a Solana-based crypto exchange called Crema Finance, while keeping $1.68 million as a “white hat” bounty.

Ahmed has also been accused of carrying out an attack on a second decentralized cryptocurrency exchange called Nirvana Finance, siphoning $3.6 million in the process, ultimately leading to its shutdown.

“Ahmed used an exploit he discovered in Nirvana’s smart contracts to allow him to purchase cryptocurrency from Nirvana at a lower price than the contract was designed to allow,” the DoJ said.


“He then immediately resold that cryptocurrency to Nirvana at a higher price. Nirvana offered Ahmed a ‘bug bounty’ of as much as $600,000 to return the stolen funds, but Ahmed instead demanded $1.4 million, did not reach…

Source…

US Securities and Exchange Commission Probes MOVEit Hack


Cybercrime, Fraud Management & Cybercrime

Progress Software Says Investigation Is Fact-Finding Inquiry


The zero-day campaign underpinning the May mass attack on Progress Software’s MOVEit file transfer software is now the vulnerability fueling a flotilla of attorneys, the software vendor disclosed in a regulatory filing listing pending litigation and governmental investigations.



Among the organizations investigating the May incident is the U.S. Securities and Exchange Commission, the company said.


An independent count of those directly or indirectly affected by the attack, executed by the Clop ransomware group, now tallies more than 2,500 organizations and over 64 million individuals. Among the organizations that recently acknowledged they were caught up in the breach is Sony, which alerted around 6,800 individuals earlier this month (see: Breach Roundup: Still Too Much ICS Exposed on the Internet).


Progress Software says in the regulatory filing that it received on Oct. 2 a subpoena seeking documents related to the incident. “The SEC investigation is a fact-finding inquiry, the investigation does not mean that Progress or anyone else has violated federal securities laws,” the company says. “Progress intends to cooperate fully with the SEC in its investigation.”


Russian-speaking Clop appears to have unleashed a highly automated mass attack on MOVEit instances around May 29, likely timed to take advantage of the U.S. Memorial Day holiday weekend. The group came into possession of a MOVEit zero-day vulnerability, a SQL injection flaw tracked as CVE-2023-34362, possibly as long…

Source…

US cyber safety board to investigate cloud security and Exchange Online breach


The Cyber Safety Review Board has launched an investigation into the cybersecurity threats facing cloud service providers.

The probe by the CSRB was first reported by Bloomberg late Thursday and confirmed today. As part of its investigation, the CSRB plans to look into a high-profile breach that hit Microsoft Corp.’s Exchange Online email platform earlier this year. During the cyberattack, a hacking group believed to be affiliated with China accessed the inboxes of several U.S. government officials.

“We must as a country acknowledge the increasing criticality of cloud infrastructure in our daily lives and identify the best ways to secure that infrastructure and the many businesses and consumers that rely on it,” said CSRB Chair and DHS Under Secretary for Policy Rob Silvers. 

The CSRB, which launched last year, was formed by the U.S. Department of Homeland Security in accordance with an executive order that President Joe Biden signed in 2021. Its mission is to investigate large-scale cybersecurity incidents. The CSRB is composed of 15 government officials and private sector experts.

The first focus of the board’s new investigation is the recent cyberattack against Microsoft’s Exchange Online platform, which came to light last month. During the breach, a hacking group suspected to be based in China gained access to the email accounts of Commerce Secretary Gina Raimondo and multiple State Department officials.

The hackers breached the accounts using forged authentication tokens. Those are pieces of data used to verify that the login request a computer sends to an application, in this case Exchange Online, is legitimate. The hackers forged the authentication tokens by exploiting an encryption key stolen from Microsoft and a since-patched flaw in one of the software giant’s cybersecurity systems.

The CSRB’s probe comes about two weeks after Senator Ron Wyden asked federal agencies to review the Exchange Online breach. In a letter, the Senator requested that the CSRB “investigate whether lax security practices by Microsoft enabled” the hack.

As part of its investigation, the board also plans to review “issues relating to cloud-based identity and…

Source…