The extracted funds are currently valued at approximately €7 million in bitcoin and ether. A 2gether employee downloaded a pirated movie that concealed Trojan malware.

Trojan malware hidden in a pirated movie gave attackers a way into the computer systems of the 2gether exchange, which suffered a Trojan attack and a million-euro extraction of bitcoin and ether back in 2020; Spain's Civil Guard highlighted that it was a highly advanced attack.

In an official statement, the police force revealed that the Cybercrime Department team arrested five people linked to the attack. Local media highlighted that it could be the first case of this type solved by the Iberian authorities.

2gether, a Madrid-based startup that focuses on purchasing, selling, and custody services for bitcoin and other digital assets, was the target of a cyberattack at the end of July 2020.

The directors stressed that the attackers extracted a number of cryptocurrencies, mostly bitcoin and ether, valued at between 1.2 and 1.3 million euros. According to the authorities, the stolen assets currently have a value of EUR 6 million.

Through an operation named Operation 3Coin, the Iberian police revealed that the attackers used a remote access trojan (RAT) to enter the internal network of 2gether. The malware gained access to the exchange’s systems after an unsuspecting employee downloaded a pirated superhero film from a non-secure website onto a work computer.

A Planned Hack

The attackers took at least six months to study how the cryptocurrency company works before carrying out the illicit activity. According to the statement, “once they discovered all the procedures, features and structure of the entity, they spotted the weak points and accessed the system using an interposed computer network to command the transfer of the assets to a wallet.”

The investigation allowed the authorities to identify and arrest the operator of the website from which the Trojan malware was distributed. Subsequently, the investigators identified the other four people, who supposedly received part of the extracted assets.

Separately, this week the police initiated new investigations involving another individual, who was supposedly exercising control over the leader of the group through the consumption of illicit drugs usually associated with rituals like the Sapo Bufo, an initiation ritual involving a hallucinogenic drug.

The 2gether attack affected at least 5,500 users trading on the network. The company had to deal with many complaints from users harmed by the attack; these users even tried to file a class-action lawsuit. Meanwhile, to maintain its activities, the company opted for crowdfunding, through which it has already collected at least EUR 1.2 million.

By: Jenson Nuñez
