Hacker Uses Ingenious MO to Siphon $1M from VC Firm
A “Man-in-the-Middle” attack, spoofed emails, bogus domains, lots of planning, plenty of patience, and bingo!
Security researchers at cybersecurity firm Check Point relate how Chinese hackers hijacked $1 million of seed money that was supposed to travel from a Chinese venture capital firm to an Israeli startup.
After an exhaustive investigation, Check Point found that the attacker had tampered with the emails between the two organizations. It also found emails that neither organization had written but that one or the other had received.
Check Point reveals hacker’s modus operandi (MO)
Aware of emailed plans for the imminent wire transfer, the hacker set up two lookalike domains. One imitated the domain of the Chinese VC firm and the other that of the startup. Each was identical to the original domain name, except that the hacker added an ‘s’ at the end.
Next, the attacker sent two emails with the same subject header as the original email to each firm. These mails looked as if they originated from the other party. In reality, the bad actor sent these emails from the fake domains.
As a result, subsequent emails in the thread now passed through the attacker’s domains. Unknown to the two parties, the attacker had firmly ensconced himself as the man in the middle. The emails ended up at these fake domains, and it was a cinch for him to alter information such as bank account details and resend the messages to the intended recipient.
Once the bank details were tampered with, it was a simple matter to wait for the funds to arrive at the fraudulent bank account and then to vanish with the proceeds.
“Patience, attention to detail, and good reconnaissance on the part of the attacker made this attack a success,” Check Point said.
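The lookalike-domain trick described above can be caught on the receiving side by comparing each sender domain against the domains of known counterparties. The following is an added example, not code from Check Point or from the article; the domain names, the trusted list and the sample message are constructed, and the check generalizes from an appended ‘s’ to any single-character edit.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: counterparties the defender already deals with (constructed names).
TRUSTED_DOMAINS = {"vcfirm.example", "startup.example"}

def edit_distance(a, b):
    """Levenshtein distance between two strings (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_domain(domain, max_distance=1):
    """Return ('trusted' | 'lookalike' | 'unknown', matched trusted domain or None)."""
    domain = domain.lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        return "trusted", domain
    for known in sorted(TRUSTED_DOMAINS):
        if edit_distance(domain, known) <= max_distance:
            return "lookalike", known
    return "unknown", None

def check_message(raw):
    """Classify the From and Reply-To domains of one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = {}
    for header in ("From", "Reply-To"):
        addr = parseaddr(msg.get(header, ""))[1]
        if "@" in addr:
            findings[header] = classify_domain(addr.rsplit("@", 1)[1])
    return findings

# Constructed sample: a reply in an existing thread, sent from a domain with an added 's'.
SAMPLE = (
    "From: Finance <finance@startups.example>\n"
    "To: partner@vcfirm.example\n"
    "Subject: Re: Seed round wire details\n"
    "\n"
    "Updated bank details attached.\n"
)

if __name__ == "__main__":
    for header, (verdict, match) in check_message(SAMPLE).items():
        print(header, verdict, match)
```

A "lookalike" verdict on a thread that discusses payment details is a reason to confirm the bank account through a channel other than email before any transfer is made.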