Connect with us

Hacking

Social Engineering Hackers Score against EA Sports in FIFA 16 Ultimate Team

Published

on

A whole raft of popular YouTubers and FIFA gamers are the targeted victims of cyber thieves who gained access to their EA (Electronic Arts) Origin accounts to steal millions of Fifa coins that translates to thousands of dollars in real currency.

A group of cyber thieves have successfully gained access to millions of ‘Fifa coins’, the popular title’s in-game currency with a simple yet effective social-engineering hack targeting the accounts of popular YouTube gamers playing FIFA 16, according to the BBC.

Poor Refereeing, EA

The hackers are believed to have simply called EA, the publisher and developer of the wildly successful FIFA gaming franchise in order to convince the company to get the YouTubers’ EA Origin accounts transferred to email addresses controlled by the hackers.

Origin is EA’s online platform for FIFA gamers to fully utilize the game’s multiplayer features.

Well-known YouTubers such as W2S, Nick28T, MattHDGamer, Bateson87 and NepentheZ have, between them, nearly 10 million subscribers and they have all had their accounts compromised.

A prominent YouTuber and gamer, Nick28T said:

“Basically, someone called in pretending to be me…and got into my account.

Matthew Craig, aka MattHDGamer on YouTube, told the BBC:

“There have been about 10 or more accounts which have been hacked over the last two weeks, me included.”

Somewhat surprisingly in his case, valuable players such as Portugal and Real Madrid’s Ronaldo, worth 3.4 million Fifa coins (approx. $1,200) were discarded.

The Ultimate Team mode in the Fifa series has players building squads through game-time and the acquisition of Fifa coins which can be purchased with real-world money, giving it real-world value and making it a target for opportunists and hackers.

EA acknowledged the hack and a representative speaking for the company said:

“We encourage all Fifa players to secure their accounts with authentication and verification steps, which we outline on our help and our product sites.

We are consistently working through our customer experience teams to secure accounts and make sure players are educated when account compromises are made.”

Craig adds that EA has since apologized to him and quickly moved to add “four or five more security measures” along with giving him his account back.

Image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Altcoins

Crypto Market Development: South Korea’s National Policy Committee Chair Calls For ICO Legalization

Published

on

  • A member of South Korea’s governing Democratic party and the chairman of Korea’s National Policy Committee, Min Byung-Doo, is urging to ease the current regulations on Initial Coin Offerings (ICOs).
  • Min Byung-Doo wants to introduce necessary regulatory framework, allowing ICOs in the country.

Allow ICOs In South Korea

The South Korean National Policy Committee Chief, Min Byung-Doo, is calling for a regulatory framework to be explored. This would be to allow for Initial Coin Offerings (ICOs) to take place within the country. He stated that the current prohibiting of ICOs weakens the industry’s competitiveness appeal with foreign markets. Further boldly adding, this would be preventing growth.

In his statement at to lawmakers, Byung-Doo said, “We can see that the flow of investment is clearly changing compared to ICO and angel fundraising. The ICO has raised $1.7 billion for Telegram and $4 billion for Block.One, it is getting bigger and bigger.”

Further in the statement, Min Byung-Doo said, “Let the government, the National Assembly and the blockchain association quickly create a working group to block fraud, speculation, money laundering and develop the block-chain industry,”. However, he acknowledged the government’s reluctance to create the needed framework.

In September 2017, the Financial Services Commission in South Korea announced a ban on ICOs. The law has not yet been enacted.

Crypto Market Reaction

A lack of reaction has been observed for now, despite this determination to help further legitimize the digital currency market in South Korea. Crypto market developments in the country are always watched very carefully. This is given their large crypto market participation. It was reported in December 2017 that South Korea accounted for as much as 17% of all Ethereum trades occurring in cryptocurrency markets.

Market Reactions To South Korean Related News

Ripple (XRP) crashed in January, following CoinMarketCap’s decision to remove XRP price data from Korean exchange desks. This as a result largely brought down the total average.

XRP/USD Coinmarketcap update triggered drop

On 11th January, Korean crypto exchange Coinrail was hacked, and over $40 million in tokens were stolen. Bitcoin initially dropped over 11% on this.

BTC/USD Coinrail hack triggered drop

One final example, UPbit, a South Korean exchange, was investigated by authorities for illicitly moving customer funds to the account of its executives. Bitcoin initially dropped over 7% on the news.

BTC/USD UPbit investigation triggered drop

Given the above mentioned, one should keep an eye on any developments coming out of South Korea, for the foreseeable future.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 30 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Altcoins

Crypto Market Update: Japan’s Self-Regulatory Group (JVCEA) Readying Tighter Rules on Digital Assets

Published

on

  • A group of cryptocurrency exchange operators in Japan is readying to tighten up measures following recent cyber breach.
  • Action follows reported hack earlier in the month; cryptocurrency exchange Zaif lost an estimated $59.67 million.

Self-Regulatory Group Set To Tighten Rules

The Japan Virtual Currency Exchange Association (JVCEA) is exploring new rules to safeguard against cyber theft, including setting a cap on the amount of digital currencies managed online. This is citing informed sources, being reported by local news outlet, the Japan Times.

Informed sources detailed that the cap will likely to be around 10 – 20% of customer deposits. The JVCEA are said to be soon revising its rules, which were originally drawn up in June following multiple cyber attacks. These will be implemented once all has been approved by the Financial Services Agency. This is as part of the payment services law process in the country.

The move likely received large motive due to the reported hack earlier in September. The Japanese start-up Tech Bureau said that its cryptocurrency exchange, known as Zaif, had been hacked. Losses were estimated around $59.67 million of Bitcoin and two other digital currencies -Bitcoin Cash and Monacoin.

Market Reaction

No initial reaction was observed across the cryptocurrency market on this latest update, coming out of Japan as of Sunday 30th September. Despite this, however, Japan and crypto sell-off are not uncommon to have been used in the same sentence over the past years and even months. This means volatility could be in store for digital assets in the short term.

Back in January of this year, the largest reported hack on a Japanese exchange took place with Coincheck losing $530 million worth of NEM in a coordinated attack. This incident massively spooked the market, and was  a heavy contributor to the large sell-off in January. As we’ve observed over the past eight months, the market has yet to reclaim January’s peak (although this can’t be solely attributed to the theft). At the time, South Korea’s Attorney General had already spooked investors with FUD related to the possible banning of digital currencies in the country.

Against this backdrop, investors are advised to pay attention to Japan-related volatility.

BTC/USD weekly chart

Most recently, looking in the month of June, another sell-off was seen. This one came after Japan’s financial regulator ordered several cryptocurrency exchanges to improve their practices against money laundering. The action led bitFlyer — the country’s largest crypto exchange — to suspend new account creation. This was initiated to improve internal processes in order to curb money laundering and terrorist financing.

Disclaimer: The author owns bitcoin, Ethereum and other cryptocurrencies. He holds investment positions in the coins, but does not engage in short-term or day-trading.

Featured image courtesy of Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

4.5 stars on average, based on 30 rated postsKen has over 8 years exposure to the financial markets. During a large part of his career, he worked as an analyst, covering a variety of asset classes; forex, fixed income, commodities, equities and cryptocurrencies. Ken has gone on to become a regular contributor across several large news and analysis outlets.




Feedback or Requests?

Continue Reading

Cyberespionage

North Korea is now Targeting Crypto Users with Macs

Published

on

AppleJeus Malware Hack

The Lazarus group has earned quite a reputation for themselves in cyber-security circles.

This group of North Korean hackers have been responsible for some of the most well known intrusions in the past few years. For example, they were behind the Sony Pictures hack in 2014, the Bangladesh central bank heist in 2016 and the Wannacry ransomware outbreak in 2017.

It is safe to say that these are quite effective operators.

However, with the popularity of cryptocurrencies, the Lazarus group has changed their attack vectors and are targeting every day users with Malware.

The latest report now has the hackers using MacOS malware to hoover up information from those cryptocurrency users who work on Macbooks.

“AppleJeus”

This was the first time that the Lazarus group has developed malware to target Mac users. Indeed, Mac operating systems are far less susceptible to Malware than Windows based systems.

It was a surprise for researchers at Kaspersky Lab to have learned about the latest Lazarus attempt to target users with there macOS malware. They have labelled it “AppleJeus”.

This was first spotted on machines that were being used by cryptocurrency company in Asia. Indeed, this is no coincidence as the Lazarus group has often targeted cryptocurrency related businesses and exchanges in South Korea.

How Does it Work?

AppleJeus hides itself inside the code of a seemingly legitimate piece of cryptocurrency trading software called Celas Trade Pro. The user will download the app from the website of the developer. When it is first downloaded, there are no signs that anything could be off. The app appears to operate normally.

Celas Trade Screenshot

Screenshot of Celas Trade, the offending program. Source: kaspersky labs

Once the app is installed on the device, it will request to update the software. This sort of request is present in authentic software and as such will not trigger any alerts. However, there is malicious code that is inside of this update.

The moment that the update is installed, it will scan the computer and gather as much information as possible. This will then be sent back the hacker’s server so that they can make a decision on whether the person is worth attacking.

If they think that there is valuable information (or cryptocurrency) on the machine then they will instruct the software to install a trojan called “Fallchill”. For those who do not know, Trojans are malicious malware that will install a “backdoor” into the machine

Fallchill is a particularly robust trojan and can gather a great deal of information from the machine. This includes data such as financial information, login credentials and of course, information about cryptocurrency trading accounts.

Once the hackers have this personal information, they can either access your online accounts or they can conduct other spear phishing attacks against you. It is indeed a troubling development and according to Vitaly Kamluk of Kaspersky:

“For macOS users this case is a wakeup call, especially if they use their Macs to perform operations with cryptocurrencies”

So now that you know North Korea is actively trying to get their hands on your cryptocurrency, how do you protect yourself?

Keeping Safe from AppleJeus

The most effetive way to protect yourself from this Malware is to make sure that you only download software that is well known and reputable. This of course goes without saying but it is far too often that relatively inexperienced cryptocurrency traders will avoid doing their research.

The researchers have recommended that people and businesses do not download the software of Celas Trade. Even though they appear to have a a good reputation and verified digital certificates, this cannot be fully trusted.

You should also consider investing in some effective anti-malware software that you should use to scan all files that you have downloaded. This should be done even if you trust the source because hackers have been known to infiltrate trusted websites.

Cryptocurrency Security 101

Even if you are unlucky enough to have your machine infected with crypto grabbing malware, basic crypto security best practices will still protect you.

If you do a great deal of online trading with your cryptocurrency then it is essential that you secure your accounts with 2 factor authentication. This way, you are at least able to reduce the number of attack vectors.

You should always secure your large cryptocurrency holdings in hardware wallet. This is because the wallets operate external from the machine and hence the trojan cannot read your private key information.

Caution and a healthy does of scepticism will protect you from the an unhealthy does of AppleJeus.

Featured Image via Fotolia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 5 rated postsNic is an ex Investment Banker and current crypto enthusiast. When he is not sitting behind six screens trading Bitcoin, he is maintaining his numerous mining rigs.




Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending