Crypto Management App Denies Being Hacked

Published at: July 10, 2020

Plutus, a crypto finance app founded in 2015, denied social media reports that its database was compromised by a hacking attack launched by alleged threat actors.

On July 9, Israel-based threat intelligence firm, Sixgill, published an alert through their official Twitter account which stated that hackers have been sharing a database stolen from the crypto app since July 7, with no additional details revealed.

Official Plutus statement on the alleged cyber-incident

However, a representative from Plutus sent Cointelegraph the following statement:

“We have investigated several possible attack vectors and not found any evidence of hacking. We want to reassure our customers that there is no risk of losing either their fiat or crypto balances. Our services are non-custodial by design which removes the possibility of company hacks having any impact on customer assets. So far, we have not found any evidence to suggest a successful hacking attempt.”

According to the screenshot published by Sixgill, the alleged attackers reportedly uploaded the information of 1205 to an unidentified website, together with “bcrypt” passwords. These are related to the password used by the Plutus’ users to access their wallets through the site.

Recently, Plutus announced that it started offering rewards through its debit card when users shop Nike’s online store. Doing so unlocks up to 3% in crypto and 9% cash rewards for those purchases.

Cointelegraph reached out to Sixgill for additional details but received no response as of press time. This article will be updated, should a response come in.

Tags

Technology

Blockchain

Cryptocurrencies

Hacks

Cybersecurity

Crimes

Startups

Related Posts

Digital intelligence must overcome challenges to solving crypto crimes

While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …

Technology / Aug. 20, 2021

Don’t blame crypto for ransomware

Recently, gas has been a hot topic in the news. In the crypto media, it’s been about Ethereum miner’s fees. In the mainstream media, it’s been about good old-fashioned gasoline, including a short-term lack thereof along the East Coast, thanks to an alleged DarkSide ransomware attack on the Colonial Pipeline system, which provides 45% of the East Coast’s supply of diesel, gasoline and jet fuel. In cases of ransomware, we generally see a typical cycle repeat: Initially, the focus is on the attack, the root cause, the fallout and steps organizations can take to avoid attacks in the future. Then, …

Technology / May 30, 2021

Bitcoin Ransomware and Remote Working: What the Future Holds

The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates a fertile land for cybercriminals to thrive on. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats. What is ransomware? Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it …

Technology / Aug. 21, 2020

Someone Has Been on a $200M Crypto Exchange Hacking Spree

A cybercriminal group has allegedly stolen around $200 million from cryptocurrency exchanges over the past two years. In total, they are believed to have hit 10 - 20 victims across the United States, the Middle East, and Asia. According to research by the cybersecurity firm ClearSky, the gang named “CryptoCore,” known with other pseudonyms like “Dangerous Password” and “Leery Turtle,” has been actively targeting crypto firms since 2018 — specifically exchanges. Source: ClearSky They confirmed that CryptoCore stole $200 million from at least five victims, several of whom were located in Japan. Between 10-20 additional companies could be affected The …

Technology / June 24, 2020

Trident Crypto Fund Data Breach: 266,000 Passwords Stolen

In a major privacy breach, the usernames and passwords of more than a quarter of a million Trident Crypto Fund customers have been stolen and published online. Technical director of cybersecurity firm DeviceLock Ashot Oganesyan told Russian news outlet IZ the database — which contains email addresses, cellphone numbers, encrypted passwords and IP addresses — had been uploaded to various file sharing websites on February 20. Earlier this week, hackers decrypted and published close to 120,000 of the passwords, potentially enabling them to log into affected users’ accounts and access their funds. 10,000 Russians affected Oganesyan said that while attacks …

Blockchain / March 6, 2020