Ctrl-Alt-Intel Uncovers Sophisticated Cyberattack Targeting Crypto Firms

Share:
Ctrl-Alt-Intel uncovered a sophisticated cyber campaign that exploited the React2Shell vulnerability and used stolen AWS credentials to access crypto firms' cloud infrastructure, targeting CEXs and exchange codebases. Attackers searched for private keys, credentials and exchange source code; evidence and tactics point to likely North Korean-linked actors, flagging major security risks for crypto, DeFi platforms and custody providers.
- Attackers exploited the React2Shell vulnerability and stole AWS credentials to access systems.
- Hackers searched cloud infrastructure for private keys, credentials, and exchange source code.
- Evidence and tactics point toward North Korean cyber groups targeting the crypto industry.
A sophisticated hacking campaign targeting the heart of the cryptocurrency industry has been exposed by cybersecurity firm Ctrl-Alt-Intel, and the fingerprints left behind suggest possible links to North Korean threat actors.
The Break-In
The attackers used multiple entry points. In some cases, they exploited React2Shell, a vulnerability in a popular web framework, scanning the internet for crypto platforms running outdated software.
In another instance, the attackers appeared to already possess valid Amazon Web Services credentials, allowing them to enter a crypto exchange’s clou…
Read The Full Article Ctrl-Alt-Intel Uncovers Sophisticated Cyberattack Targeting Crypto Firms On Coin Edition.
Read More




