1. Home
  2. Match Systems

Match Systems

Angel Drainer reportedly shuts down after devs potentially identified

Two hours after Match Systems claimed to have discovered the identity of Angel Drainer developers, users began complaining that the app no longer worked.

Notorious crypto phishing app Angel Drainer has reportedly been shut down by its developers after they were potentially identified, according to a July 16 report from blockchain security firm Match Systems.

Security analysts have previously blamed Angel Drainer for over $25 million in crypto losses from phishing scams.

Drainer programs are apps that allow phishing scammers to easily drain the wallets of crypto users by tricking them into accidentally making token approvals. In most cases, drainers are provided to scammers in exchange for a portion of the stolen loot the scammers acquire.

Read more

These crypto ETFs are ‘call options’ on the US elections

Match Systems Announces Recovery of $68 Million in Stolen Cryptex Crypto Assets

Match Systems Announces Recovery of  Million in Stolen Cryptex Crypto AssetsMatch Systems, a cybersecurity company specializing in Anti-Money Laundering (AML) services, blockchain forensics, and investigations, recently announced the recovery of $68 million in stolen crypto assets from Cryptex, a cryptocurrency trading platform established in 2016. The specifics of the recovery operation have not been disclosed. In a recent social media post, Match Systems further stated: […]

These crypto ETFs are ‘call options’ on the US elections

Crypto payment gateway CoinsPaid suspects Lazarus Group in $37M hack

CoinsPaid said it is now working with Estonian law enforcement and several blockchain security firms are assisting to minimize the impact of the July 22 exploit.

Cryptocurrency payments platform CoinsPaid has pointed the finger at North Korean state-backed Lazarus Group as being behind the hacking of its internal systems, which allowed them to steal $37.3 million on July 22.

“We suspect Lazarus Group, one of the most powerful hacker organisations, is responsible,” CoinsPaid explained in a July 26 post.

While CoinsPaid didn’t explain how the money was stolen exactly, the incident forced the firm to halt operations for four days.

CoinsPaid confirmed that operations are back up and running in a new, limited environment.

The firm added that customer funds remain intact but considerable damage was done to the platform and the firm’s balance sheet.

Despite the huge exploit, CoinsPaid believes the cybercrime organization were chasing a much larger sum:

“We believe Lazarus expected the attack on CoinsPaid to be much more successful. In response to the attack, the company's dedicated team of experts has worked tirelessly to fortify our systems and minimize the impact, leaving Lazarus with a record-low reward.”

CoinsPaid filed a report with Estonian law enforcement three days after the hack to further investigate the exploit. In addition, several blockchain security firms such as Chainalysis, Match Systems and Crystal assisted in CoinsPaid’s preliminary investigation over the first few days.

The firm’s CEO, Max Krupyshev is confident that the Lazarus Group will be held accountable for their actions.

“We have no doubt the hackers won’t escape justice.”

Blockchain security firm SlowMist believes the CoinsPaid hack may be linked to two recent hacks in Atomic Wallet and Alphapo, which were exploited to the tune of $100 million and $60 million respectively.

Lazarus Group targeting crypto devs

Online coding platform GitHub believes — with “high confidence” — that Lazarus Group is conducting a social engineering scheme targeted at workers in the cryptocurrency and cybersecurity sectors.

According to a July 26 post by cybersecurity platform Socket.Dev, Lazarus Group’s objective is to lure in these professionals and compromise their GitHub accounts with malware-infected NPM packages to infiltrate their computers.

Related: Era Lend on zkSync exploited for $3.4M in reentrancy attack

The cybersecurity platform said the first point of contact is often on a social media platform like WhatsApp, where the rapport is built before the victims are led to clone malware-laden GitHub repositories.

Socket.Dev urged software developers to review repository invitations closely before collaborating and to be cautious when abruptly approached on social media to install npm packages.

Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story

These crypto ETFs are ‘call options’ on the US elections