CertiK: Analysis of Cashaa exchange wallet theft event

CertiK
4 years ago
On July 11, the CertiK Skynet system detected an abnormal transaction on the Cashaa exchange, and Security Research quickly intervened in the investigation and studied the incident in detail.


Cashaa is a London-based crypto wallet and banking service provider.

Last year, it announced that it had enabled credit and debit card payments for digital currency purchases on its platform. Cashaa said it has signed partnership agreements with 173 virtual currency-related companies that are in the initial testing phase.

At 8:10 a.m. Beijing time on July 11, the CertiK Skynet system (Skynet) detected abnormal transactions involving the Cashaa exchange at Bitcoin blocks 638606 and 638692. CertiK security researchers quickly intervened in the investigation and studied in detail the two attacks the attacker launched against Bitcoin wallets owned by the exchange.



The first attack occurred at 6:57 p.m. Beijing time on July 10. One of the victim Cashaa's bitcoin wallets, 1Jt9mebBwqCk8ijrVDoT5aySu2q9zpeKde, was compromised and 1.05977049 BTC (about $9800) was transferred to the attacker's address 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek. As described in the Cashaa report, the attacker gained control of the victim's computer by some means, the victim's Bitcoin wallet on Blockchain.info was compromised, and the BTC was transferred to the attacker's account.

The second attack occurred at 8:10 a.m. Beijing time on July 11. A total of 8 bitcoin wallets belonging to the victim Cashaa, holding a total of 335.91312085 bitcoins (about 3.1 million U.S. dollars), were drained by the attacker through the same means to the same address, 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek.


The following are the Cashaa wallet addresses drained in the second attack:

14TBB9Th7qCFAbatr1owmo9WqvB3ZLM5Aq

1ESvwYDmdAvhHpJs8M3tRbPqXghJDNu7oV

1LNp8hKZTvP8Ru8SAi4xPkJ8L2TwaNsDEu

1Et9GAsZq8P3u7tL5F5qbLi6Re1HCZAgNn

1KY5sNjDA7QMXf844wKZ3wcQUxoZeEcRF9

1D6cTYKf5f9HtUjsVBGczyoPN5jgZktkMa

1Ln2A65sjxLTuvPE3M1zQ1oybrXQXnJaDL

1KJPr37UHmBAfRL1znGLXekTrNHoEABqfH

The details of how the victim's computer was controlled during the attack have not been released. CertiK security researchers believe there are two possibilities: an internal operational error, or a backdoor implanted on the victim's computer. Based on the analysis, CertiK security researchers believe the following points deserve attention in order to prevent digital currency attacks and protect digital currency security:

1. A digital currency attack is a comprehensive attack spanning multiple technical dimensions. It is necessary to consider the security of every application involved in the management and circulation of digital currency, including computer hardware, blockchain software, blockchain service software such as wallets, smart contracts, and so on.

2. Attackers often test their attack method before launching a large-scale attack. It is therefore necessary to detect and monitor potential attack methods, so as not to be hit by the same method multiple times.

3. Strengthen the security protection of digital currency accounts, and use offline, physically encrypted cold storage to hold important digital currency holdings.
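Point 2 is the pattern this incident actually shows: a small transfer (about 1.06 BTC) to one attacker address, followed hours later by a sweep of eight wallets to the same address. The following is an added example, not CertiK's Skynet code or anything from Cashaa, of a minimal outflow monitor an exchange could run over its own watched addresses: it flags any outflow to a destination not on an allow-list, and escalates when a destination has already received a flagged transfer (a possible probe) or when the amount is large. The addresses and the two totals come from the article; the per-wallet split of the second attack, the block numbers of the benign transactions, the cold-storage address and the 10 BTC threshold are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    block: int
    src: str
    dst: str
    btc: float


@dataclass(frozen=True)
class Alert:
    block: int
    src: str
    dst: str
    btc: float
    reason: str


class OutflowMonitor:
    """Stateful monitor over outflows from a set of watched (exchange-owned) addresses."""

    def __init__(self, watched, allowed_destinations=(), large_btc=10.0):
        self.watched = set(watched)
        self.allowed = set(allowed_destinations)   # e.g. the exchange's own cold storage
        self.large_btc = large_btc                 # constructed threshold, not from the article
        self.received_from_watched = defaultdict(float)  # dst -> BTC received from watched wallets
        self.alerts = []

    def observe(self, tx):
        """Return an Alert if tx is a suspicious outflow, else None."""
        if tx.src not in self.watched or tx.dst in self.allowed:
            return None
        reasons = ["outflow to unlisted address"]
        if tx.dst in self.received_from_watched:
            # Same destination as an earlier flagged transfer: the earlier one may have been a probe.
            reasons.append("repeat destination (earlier flagged transfer may have been a probe)")
        if tx.btc >= self.large_btc:
            reasons.append(f"large transfer >= {self.large_btc} BTC")
        self.received_from_watched[tx.dst] += tx.btc
        alert = Alert(tx.block, tx.src, tx.dst, tx.btc, "; ".join(reasons))
        self.alerts.append(alert)
        return alert

    def total_to(self, dst):
        return self.received_from_watched.get(dst, 0.0)


# Addresses from the article.
ATTACKER = "14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek"
FIRST_VICTIM = "1Jt9mebBwqCk8ijrVDoT5aySu2q9zpeKde"
SECOND_VICTIMS = [
    "14TBB9Th7qCFAbatr1owmo9WqvB3ZLM5Aq", "1ESvwYDmdAvhHpJs8M3tRbPqXghJDNu7oV",
    "1LNp8hKZTvP8Ru8SAi4xPkJ8L2TwaNsDEu", "1Et9GAsZq8P3u7tL5F5qbLi6Re1HCZAgNn",
    "1KY5sNjDA7QMXf844wKZ3wcQUxoZeEcRF9", "1D6cTYKf5f9HtUjsVBGczyoPN5jgZktkMa",
    "1Ln2A65sjxLTuvPE3M1zQ1oybrXQXnJaDL", "1KJPr37UHmBAfRL1znGLXekTrNHoEABqfH",
]
# Constructed split of the reported 335.91312085 BTC total; the real per-wallet amounts are not in the article.
SECOND_AMOUNTS = [50.0, 45.0, 40.0, 40.0, 40.0, 40.0, 40.0, 40.91312085]
COLD_STORAGE = "cold-storage-address-placeholder"  # constructed allow-listed destination


def sample_transactions():
    """Constructed transaction feed; which reported block held which transfer is an assumption."""
    txs = [
        Tx(638606, FIRST_VICTIM, ATTACKER, 1.05977049),              # first attack (probe-sized)
        Tx(638650, SECOND_VICTIMS[0], COLD_STORAGE, 5.0),            # benign: allow-listed sweep
        Tx(638650, "1unrelatedAddressPlaceholder", ATTACKER, 2.0),   # not a watched wallet
    ]
    txs += [Tx(638692, src, btc_dst[0], btc_dst[1])
            for src, btc_dst in zip(SECOND_VICTIMS, [(ATTACKER, a) for a in SECOND_AMOUNTS])]
    return txs


def run_sample():
    monitor = OutflowMonitor([FIRST_VICTIM, *SECOND_VICTIMS], allowed_destinations=[COLD_STORAGE])
    for tx in sample_transactions():
        monitor.observe(tx)
    return monitor


if __name__ == "__main__":
    m = run_sample()
    for a in m.alerts:
        print(f"block {a.block}: {a.src} -> {a.dst} {a.btc:.8f} BTC [{a.reason}]")
    print(f"total sent to attacker address: {m.total_to(ATTACKER):.8f} BTC")
```

Run as written, the first transfer produces a single low-severity alert; every one of the eight transfers in the second block is escalated because the destination was already seen. In practice the first alert is the one that matters: if the small transfer had triggered a freeze or a key rotation on the remaining wallets, the second sweep would have had nothing to take.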

The complex operating system, browser, and network environment in which transactions take place poses great security risks to those transactions. At present, most wallets built on the mobile phone platform (MTK) in China can be attacked: by exporting the wallet firmware, one can see not only the cached information of multiple currencies but also the various libraries used to generate mnemonic words.

Under the principle of putting business first, many development teams do not pay equal attention to the security of their own wallet products. Once a security problem occurs, a large number of users will have the currency in their accounts stolen. Due to the particular nature of the implementation, once assets are stolen they cannot be reported as lost and are difficult to recover.

CertiK's mission is to build a trusted blockchain ecosystem. In response to this series of security vulnerabilities, CertiK provides wallet security services, including black-box and white-box penetration testing and source code audits. In addition, if a user suffers an internal operational error, CertiK's professional security consultants can provide customized analysis, using automated tools and manual audits to ensure high security and high availability of the code, and designing targeted unit and integration tests to ensure the correctness of the core logic. CertiK is committed to creating a more secure environment for the blockchain and providing better security for developers and users.

With the aim of ensuring blockchain security, CertiK exports its security capabilities to the entire blockchain ecosystem, committed to ensuring the sustainable development of the blockchain ecology and jointly establishing a safe and reliable transaction ecology.


Official website: https://cn.certik.io/

Business cooperation email: bd@certik.org

Original article, author: CertiK. Reprint/Content Collaboration/For Reporting, please contact report@odaily.email; illegal reprinting will be punished by law.

ODAILY reminds readers to establish correct monetary and investment concepts, view blockchain rationally, and effectively improve risk awareness; any illegal or criminal clues discovered can be actively reported to the relevant departments.
