Poor Key Management
Private key leak, cold wallet, Lazarus hacking group
DragonEX is a cryptocurrency exchange based in Singapore. It has been active since 2017. DragonEx announced the news on its official Telegram channel on Monday, stating that, on Sunday, March 24, it had suffered a cyberattack that saw cryptocurrency funds owned by users and the exchange “transferred and stolen.” In updates on the hack today, DragonEx’s Telegram admin provided wallet addresses for 20 cryptocurrencies to which the stolen funds had apparently been transferred. The list included the top five cryptos by market capitalization: bitcoin (BTC), ether (ETH), XRP, litecoin (LTC) and EOS, as well as the tether stablecoin (USDT) for which six destination addresses were provided. The North Korean hacking group Lazarus was responsible. The hackers created a legitimate looking fake company and convinced DragonEx employees to download malware onto their computers through Telegram and LinkedIn messages.
DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.