Insurance Service Refused to Hacked Youbit Request

Youbit hacks investigation is still in the initial stages
29 March 2018   1003

South Korean Exchange Youbit received a refusal to request, sent to the insurance service, a few months after a hack.

In December, Youbit declared itself bankrupt, after hacked twice during 2017. The last attack resulted in the loss of 17% of the exchange's assets and its subsequent closure.

According to the Wall Street Journal, the exchange contacted the insurance service in accordance with the procedure, which she was informed about several weeks before the second hack. However, the insurance company DB Insurance Co. refused to meet her demands.

Although the insurer did not comment on the situation, WSJ managed to contact Yapian, the operator of the Youbit exchange. It said that DB Insurance accused them that they were in a hurry to get insurance and did not provide important information at the time of discussing the terms of insurance.

In the meantime, the investigation continues into two hackings of the Youbit exchange and the possible involvement of North Korean hackers. WSJ reports that the process is in the initial stages, and the investigation did not go beyond the stage of studying the malicious software used to carry out attacks.

China to Finance Hacker Attacks on Exchanges, - FireEye

Experts believe that the victims of APT41 are industry participants, the development of which is a priority in the current Chinese five-year period
08 August 2019   258

The hacker group APT41 attacks companies in the areas of healthcare, telecommunications, fintech, media, and cryptocurrency exchanges. This activity is funded by the Chinese government, according to analysts of cybersecurity company FireEye.

Experts believe that the victims of APT41 are industry participants, the development of which is a priority in the current Chinese five-year period.

Industries Targeted by APT41
Industries Targeted by APT41

At the same time, APT41 pursues its own goals, extracting financial benefits from attacks, which is unusual for other groups under the Chinese government, according to FireEye.

APT41 is known to include at least two people with the pseudonyms Chzan Xuiguan and Wolfji. The group probably has connections with other hacker organizations like BARIUM and Winnti.

FireEye also evaluated at what time of the day the APT41 attacked the gaming industry (its core target) and businesses from other areas. It turned out that this was happening outside the framework of a standard working day - probably these people, among other things, have the main job.

APT41 Operational Times
APT41 Operational Times

According to the UN Security Council, hackers under the DPRK government stole about $ 2 billion from banking institutions and cryptocurrency exchanges.