
KLAYswap (Cryptocurrency Exchange)

Company


KLAYswap was designed to function as a high-liquidity environment. Its instant exchange protocols are implemented fully on-chain. It is suitable for long-term investors seeking revenue from fees, as well as for short-term investors interested in mining KSP, the KLAYswap governance token.

2022: Loss of $1.9 million as a result of a clever supply chain hack

On February 15, 2022, it became known that attackers had stolen about $1.9 million in cryptocurrency from the South Korean KLAYswap platform through a cunning compromise of BGP routing affecting the server infrastructure of one of its suppliers.


The South Korean messenger KakaoTalk was attacked on February 3, 2022. The hackers used a technique known as BGP hijacking (interception), which is usually used to intercept Internet routes and forward users to malicious sites.

The attack on KLAYswap is very different from typical hacks of cryptocurrency exchanges. As a rule, in order to steal user money, attackers hack either the account of one of the exchange's employees or the code of the platform itself. In the case of KLAYswap, however, the hackers attacked not the exchange itself but the server infrastructure of the KakaoTalk messenger, which the exchange used for marketing as well as for communication with users who had contacted technical support.

Attackers used an autonomous system - a system of IP networks and routers managed by one or more operators with a single routing policy. The goal of an autonomous system is to "advertise" Internet routes to show other autonomous systems what IP address spaces belong to it and what domains can be found in them. At the technical level, this happens through BGP routes, which autonomous systems continuously transmit to each other.

Using the fake autonomous system AS9457, the attackers "advertised" as their own the IP addresses serving developers.kakao.com, a domain that is part of the KakaoTalk development infrastructure and hosts the official Kakao SDK. According to the information security company S2W, the hackers used BGP hijacking to distribute a malicious version of the JavaScript SDK file. Users who tried to download this file from the official KakaoTalk developer site received the malicious version.

The malicious file contained additional code at the end, which was loaded into the user's browser and waited for the user to initiate a transaction on the KLAYswap site. On detecting the operation, the code intercepted the funds and sent them to the hackers' wallet, from where they were immediately withdrawn through the OrbitBridge and FixedFloat services.
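A defensive illustration of the point above, added here and not taken from the article, Kakao or KLAYswap: pinning a third-party script to the digest of a known-good copy (the Subresource Integrity format that browsers enforce) makes a copy with code added at the end fail verification. The SDK body, the URL and all function names are constructed placeholders.

```javascript
// Added example: verify a fetched third-party script against a digest
// pinned from a known-good copy, and recognise the "code appended at the
// end" pattern described in the article. Runs under Node.js.
const { createHash } = require("node:crypto");

// Build a Subresource Integrity value ("sha384-<base64>") for a script body.
function sriDigest(body) {
  return "sha384-" + createHash("sha384").update(body).digest("base64");
}

// Compare a fetched copy with the pinned good copy.
// Returns { status: "match" | "appended" | "modified", tail }.
function classifyScript(pinnedBody, fetchedBody) {
  const pinned = Buffer.from(pinnedBody);
  const fetched = Buffer.from(fetchedBody);
  if (sriDigest(fetched) === sriDigest(pinned)) {
    return { status: "match", tail: "" };
  }
  // Original content intact, extra bytes after it: report the extra tail.
  if (fetched.length > pinned.length &&
      fetched.subarray(0, pinned.length).equals(pinned)) {
    const tail = fetched.subarray(pinned.length).toString("utf8");
    return { status: "appended", tail };
  }
  return { status: "modified", tail: "" };
}

// Render the <script> tag a site would ship so the browser enforces the pin.
function scriptTag(url, pinnedBody) {
  return `<script src="${url}" integrity="${sriDigest(pinnedBody)}" ` +
         `crossorigin="anonymous"></script>`;
}

// Constructed sample data: a stand-in SDK and a copy with a harmless
// marker comment appended. Neither is the real Kakao SDK.
const GOOD_SDK = "window.SdkStub={init:function(k){this.key=k;}};\n";
const TAMPERED_SDK = GOOD_SDK + "/* constructed: appended code */\n";
const SDK_URL = "https://sdk.example/sdk.js"; // placeholder URL

console.log(scriptTag(SDK_URL, GOOD_SDK));
console.log(classifyScript(GOOD_SDK, GOOD_SDK));
console.log(classifyScript(GOOD_SDK, TAMPERED_SDK));
```

With the `integrity` attribute in place, a browser refuses to execute a script whose digest differs from the pinned value, regardless of which server the route delivered the request to.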

On February 3, over two hours from 11:30 to 13:30, the hackers stole cryptocurrency assets worth 2.2 billion Korean won (about $1.9 million), after which they stopped the attack themselves.[1]

Notes