Hacker Uses Ingenious MO to Siphon $1M from VC Firm
A “Man-in-the-Middle” attack, spoofed emails, bogus domains, lots of planning, plenty of patience, and bingo!
Security researchers at cybersecurity firm Check Point relate how Chinese hackers hijacked $1 million of seed money that was supposed to travel from a Chinese venture capital firm to an Israeli startup.
However, Check Point found after an exhaustive investigation that the attacker had tampered with the emails between the two organizations. They also found emails that had not been written by either of them but received by one or the other.
Check Point reveals hacker’s modus operandi (MO)
Aware of emailed plans for the imminent wire transfer, the hacker set up two lookalike domains. One was of the Chinese VC firm and the other of the startup. The domains were exactly the original domain names, except that the hacker added an ‘s’ at the end of each.
Next, the attacker sent two emails with the same subject header as the original email to each firm. These mails looked as if they originated from the other party. In reality, the bad actor sent these emails from the fake domains.
Therefore, subsequent emails in the thread now passed through the attacker’s domains. Unknown to the two parties, the attacker had now firmly ensconced himself as the man in the middle. The emails landed up at these fake domains, and it was a cinch for him to alter and edit information such as bank accounts details and resend to the intended recipient.
Once the bank details were tampered with, it was a simple matter to wait for the funds to arrive at the fraudulent bank account and then to vanish with the proceeds.
“Patience, attention to detail, and good reconnaissance on the part of the attacker made this attack a success,” Check Point said.
[Related Story: ZecOps Raises $10.2 Million Seed To Exploit Cyber-Attackers’ Mistakes ]
Latest Alternative Investment News
This should be another shot in the arm for bitcoin adoption. Liquidity of holding is a much-desired feature of any asset, and U.S. digital assets exchange Coinbase is pulling out…
Loanpal, the fintech that is a market leader in financing of residential solar installations, announced Thursday that Blackstone (NYSE: BX) had committed to invest $300 million in solar loans originating…
Alternative Investments: iCapital To Provide Alternative Investment Solutions to PGIM’s Retail Clientele
PGIM Investments is the retail distribution arm of PGIM, Inc, the $1.4 trillion investment management business of Prudential Financial, Inc. (NYSE: PRU). It has tied up with iCapital Network, a…
Impossible Foods, the plant-based meat startup, announced Thursday its Series G round raise of $200 million. The investment round was led by new investor Coatue Management LLC. It saw participation…