ESET and Dutch Police Expose Cryptocurrency Theft Operations of Ebury Botnet

Dutch cybersecurity specialists have linked a major cryptocurrency theft to the infamous Ebury botnet, which was responsible for the compromise of more than 400,000 servers over a 15-year period.

According to a report from Slovakian cybersecurity firm ESET, the incident was initially discovered during a 2021 investigation conducted by the Dutch National High-Tech Crime Unit (NHTCU). During this investigation, agents found the Ebury botnet on a server linked to cryptocurrency theft.

After this revelation, the Dutch crime unit collaborated with ESET, led by researcher Marc-Etienne Léveillé, who had been studying Ebury for over a decade.

Ebury operators allegedly used a sophisticated technique called adversary-in-the-middle (AitM) to steal crypto funds. In this attack, the botnet intercepts network traffic and captures login credentials and session information.

“Cryptocurrency theft was not something we had ever seen done before,” Léveillé noted.

The botnet redirects this traffic to servers controlled by cybercriminals, allowing them to access and steal cryptocurrency from victims’ wallets. In its report, ESET revealed that over 100,000 people were infected as of 2023.

Ebury specifically targets Bitcoin and Ethereum nodes, stealing wallets and other valuable credentials. The botnet would steal funds once unsuspecting victims entered their credentials on the infected server.

Flowchart of Ebury attack on crypto wallets | Source: welivesecurity

Additionally, once the victim’s system was compromised, Ebury would extract the credentials and use them to infiltrate related systems. The report identified a wide range of victims, including universities, businesses, internet service providers and cryptocurrency traders.

Attackers also use stolen identities to rent servers and launch their attacks. Therefore, it is very difficult for law enforcement agencies to trace the identities of those behind this cybercrime racket.

“They’re really good at confusing attribution,” Léveillé added.

An Ebury operator, Maxim Senakh, was arrested on the Finnish-Russian border in 2015 and was extradited to the United States. The US Department of Justice accused Senakh of computer fraud, to which he pleaded guilty in 2017. He was sentenced to four years behind bars.

While the masterminds behind Ebury remain at large, the NHTCU revealed that several leads are being followed.

Cryptocurrency thefts have become increasingly complicated over the years. Earlier this month, North Korean hackers used a new malware variant called “Durian” to specifically attack at least two cryptocurrency companies.

Previously, a January report from cybersecurity firm Kaspersky revealed that malware was targeting cryptocurrency wallets on macOS.

Guru Investing is an independent source of information about investing, not controlled by any broker. All our reviews and guides are created honestly, according to the best knowledge and judgement of the members of our independent expert team; however, they are intended for informative purposes only and should not be construed as, nor relied upon as, legal advice. You should always make sure that you meet all regulatory requirements before making any financial operations. Copyright ©2024 Email for contact [email protected]