Sep 2015 - BitPay Social Engineering - $1.8m (United States)
“According to a lawsuit filed Sept. 15 in federal court in Atlanta, in December 2014, Bryan Krohn, Bitpay's chief financial officer, got an email from someone purporting to be with a digital currency publication asking Krohn to comment on a bitcoin industry document.” “Unknown to Krohn or Bitpay, the email sender's computer had been hacked, and the hacker sent the phony email that directed Krohn to a website controlled by the hacker, where Krohn provided the credentials for his Bitpay corporate email account, according to the lawsuit.” "After capturing Mr. Krohn's Bitpay credentials, the hacker used that information to hack into Mr. Krohn's Bitpay email account to fraudulently cause a transfer of bitcoin" valued at $1,850,000, the lawsuit says. “The next day, the imposter sent another email to the CEO asking him to send an additional 3000 bitcoins to the customer. The CEO emailed Krohn to confirm the request, and the imposter sent back an email saying the transfer was valid. The CEO then sent the bitcoins.” “The scam was apparently discovered because the CEO copied Bitpay's real customer on the final email about the transfer of the 3,000 coins, and the customer then replied back that they did not purchase the bitcoins.”
Further Analysis
Although not a cryptocurrency exchange, this kind of exploit could apply to many exchanges that have more personal relationships with customers.
More Cryptocurrency Exchange Hacks/Scams/Frauds
My Big Coin Fraudulent Service > > < < Bitfinex Hot Wallet Hack
Sources/Further Reading
100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents (Jan 25)
BitPay Sues Insurer After Losing $1.8 Million in Phishing Attack (Mar 5)
Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 6)
Atlanta's Bitpay got hacked for $1.8 million in bitcoins (Mar 14)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|