Revealing Transnational Hacker Groups: $360 million in Crypto Assets Theft and Money Laundering Techniques


A confidential report from the United Nations shows that a hacker group stole funds from a certain crypto assets exchange last year and laundered $147.5 million through a certain virtual money platform in March this year.

The inspectors informed the United Nations Security Council Sanctions Committee that they are investigating 97 cyber attacks against crypto assets companies that occurred between 2017 and 2024, involving approximately $3.6 billion. This includes a $147.5 million theft incident that occurred at a crypto exchange at the end of last year, which completed the money laundering process in March of this year.

The United States imposed sanctions on the virtual money platform in 2022. In 2023, two co-founders of the platform were accused of assisting in money laundering of over $1 billion, involving funds related to a certain cybercrime organization.

According to a survey by a Crypto Assets analyst, the hacker group laundered $200 million worth of Crypto Assets into fiat currency between August 2020 and October 2023.

In the field of cybersecurity, this hacker group has long been accused of conducting large-scale cyberattacks and financial crimes. Their targets span the globe, from banking systems to Crypto Assets exchanges, from government agencies to private enterprises. Next, we will analyze several typical attack cases, revealing how this hacker group successfully implemented these astonishing attacks through its complex strategies and technical means.

The most audacious Crypto Assets theft gang in history? A detailed analysis of the Hacker organization Lazarus Group's Money Laundering methods

Hacker group manipulates social engineering and phishing attacks

According to European media reports, the hacker group had previously targeted military and aerospace companies in Europe and the Middle East, posting fake recruitment ads on social media to lure employees into downloading a PDF with an embedded executable, which then delivered the phishing payload.

Social engineering and phishing attacks exploit psychological manipulation to get victims to lower their guard and take actions such as clicking links or downloading files, thereby compromising their security.

Their malware lets the operators exploit vulnerabilities in victims' systems and steal sensitive information.

The hacker group used similar methods in a six-month operation against a crypto assets payment provider, resulting in the theft of $37 million from the company.

Throughout the operation, they sent fake job offers to engineers, launched distributed denial-of-service and other technical attacks, and attempted brute-force password attacks.

Multiple attacks on cryptocurrency exchanges

On August 24, 2020, a wallet from a certain Canadian crypto assets exchange was hacked.

On September 11, 2020, a certain blockchain project experienced unauthorized transfers of $400,000 from multiple wallets controlled by the team due to a private key leak.

On October 6, 2020, due to a security vulnerability, unauthorized transfers of Crypto Assets worth $750,000 were made from the hot wallet of a certain exchange.

In early 2021, the funds from various attack incidents were gathered into the same address. Subsequently, the attackers sent the funds to certain withdrawal addresses through multiple transfers and coin mixing operations.

The founder of a mutual insurance platform was attacked by a hacker

On December 14, 2020, the founder of a mutual insurance platform lost 370,000 platform tokens (approximately $8.3 million) to a hacker.

The stolen funds were transferred between multiple addresses and swapped for other assets. Through these addresses the hacker group obfuscated, split, and re-aggregated the funds. For example, part of the funds was bridged cross-chain to the Bitcoin chain, then moved back to the Ethereum chain through a series of transfers, after which the funds were passed through a mixing platform and sent to a withdrawal platform.

From December 16 to 20, 2020, one of the hacker addresses sent over 2,500 ETH to a mixing platform. A few hours later, based on correlated on-chain characteristics, another address was found to have begun withdrawal operations.

Through transfers and swaps, the hacker also moved part of the funds to the cash-out address involved in the earlier incident.

Afterwards, from May to July 2021, the attacker transferred 11 million USDT to a certain exchange.

From February to June 2023, the attackers sent over 11 million USDT to different withdrawal platforms through multiple addresses.

Other DeFi platform hacker attacks

In August 2023, the stolen ETH from two DeFi platform attack incidents was transferred to a certain mixing platform. After transferring the ETH to the mixing platform, the attackers immediately began withdrawing the funds to multiple addresses.

On October 12, 2023, the funds extracted from the mixing platform by these addresses were all sent to the same address.

In November 2023, this address began to transfer funds, which were eventually sent to multiple withdrawal platforms through intermediaries and exchanges.

Incident Summary

The above traces this hacker group's activity over the past few years and summarizes its money laundering methods: after stealing crypto assets, the group typically obfuscates the funds by repeatedly transferring them across chains and then through mixers. After obfuscation, they withdraw the assets to target addresses and send them to fixed groups of addresses for cash-out. The previously stolen crypto assets were mostly deposited into specific withdrawal platforms and then exchanged for fiat currency through over-the-counter trading services.
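The aggregation-mixer-cashout pattern summarized above can be detected defensively by tracing a transfer graph forward from the victim addresses. The following is an added example, not code from the article or from any tracing vendor; the addresses, the mixer label, and the exchange deposit labels are constructed placeholders.

```python
from collections import defaultdict, deque

# Constructed sample transfers (hypothetical labels standing in for real addresses):
# (sender, receiver, amount). Two thefts are hopped once, aggregated, mixed, and cashed out.
TRANSFERS = [
    ("theft_A", "hop_1", 1200), ("theft_B", "hop_2", 800),
    ("hop_1", "aggregator", 1200), ("hop_2", "aggregator", 800),
    ("aggregator", "mixer", 2000),
    ("mixer", "cashout_1", 900), ("mixer", "cashout_2", 1000),
    ("cashout_1", "exchange_dep_X", 900), ("cashout_2", "exchange_dep_Y", 1000),
    ("clean_user", "exchange_dep_Z", 50),   # unrelated deposit, must not be flagged
]
THEFT_ADDRESSES = {"theft_A", "theft_B"}   # seeds: the victims' drained wallets
KNOWN_MIXERS = {"mixer"}                   # assumed mixer label
EXCHANGE_DEPOSITS = {"exchange_dep_X", "exchange_dep_Y", "exchange_dep_Z"}

def build_graph(transfers):
    """Adjacency list: sender -> [(receiver, amount)]."""
    graph = defaultdict(list)
    for src, dst, amt in transfers:
        graph[src].append((dst, amt))
    return graph

def trace_taint(graph, seeds, mixers, max_hops=10):
    """Forward BFS from the theft addresses. Returns {address: (hops, via_mixer)},
    where via_mixer is True if funds reaching the address left a known mixer."""
    tainted = {s: (0, False) for s in seeds}
    queue = deque(seeds)
    while queue:
        addr = queue.popleft()
        hops, via_mixer = tainted[addr]
        if hops >= max_hops:
            continue
        for dst, _ in graph.get(addr, []):
            flag = via_mixer or addr in mixers
            if dst not in tainted:
                tainted[dst] = (hops + 1, flag)
                queue.append(dst)
            elif flag and not tainted[dst][1]:
                tainted[dst] = (tainted[dst][0], True)
                queue.append(dst)   # re-propagate the mixer flag downstream
    return tainted

def find_aggregators(transfers, tainted, min_inputs=2):
    """Addresses receiving tainted funds from at least min_inputs distinct tainted senders."""
    senders = defaultdict(set)
    for src, dst, _ in transfers:
        if src in tainted:
            senders[dst].add(src)
    return sorted(a for a, s in senders.items() if len(s) >= min_inputs)

def flag_cashouts(transfers, tainted, deposits):
    """Exchange deposits fed by tainted funds: (deposit_address, amount, via_mixer)."""
    return sorted((dst, amt, tainted[src][1]) for src, dst, amt in transfers
                  if dst in deposits and src in tainted)
```

An exchange's compliance team would run this against its own deposit addresses; a deposit flagged with `via_mixer=True` is the cash-out stage the article describes.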

Under the continuous and large-scale attacks of this hacker group, the Web3 industry is facing significant security challenges. Security agencies need to continuously monitor this hacker group, track their dynamics and money laundering methods, and assist project parties, regulators, and law enforcement agencies in combating such crimes and recovering stolen assets.

TerraNeverForgetvip
· 07-16 18:56
The money laundering chain is too scary.
MrDecodervip
· 07-16 18:53
Hacker's common techniques.
blocksnarkvip
· 07-16 18:52
Running away after grabbing it is quite sneaky.
DataChiefvip
· 07-16 18:51
These people are too much of a trap.
GasWastingMaximalistvip
· 07-16 18:42
The money laundering process is too inefficient.
probably_nothing_anonvip
· 07-16 18:34
The black hand has reached too far.
IfIWereOnChainvip
· 07-16 18:31
Money Laundering is truly a big business.