Finance
Fake Bitcoin Sites Use Names of Singapore Leaders to Solicit Investments, Japan’s Cryptocurrency Exchange Loses US$62 Million In Hack
18 - 25 September 2018
The Monetary Authority of Singapore (MAS) found three fake bitcoin sites that were using the names of Singapore leaders–Prime Minister Lee Hsien Loong and Deputy Prime Minister Tharman Shanmugaratnam–to solicit investments.

The Monetary Authority of Singapore (MAS) found three fake bitcoin sites that were using the names of Singapore leaders–Prime Minister Lee Hsien Loong and Deputy Prime Minister Tharman Shanmugaratnam–to solicit investments. The fake sites used fabricated comments attributed to the leaders and touted the profitability of bitcoin investments. The MAS warned the public to be cautious of such sites and avoid divulging financial or personal information on these sites.
Japanese cryptocurrency firm Tech Bureau Corp said it lost US$62 million worth of digital currencies after its Zaif exchange was hacked on 14 September. Hackers had stolen three types of cryptocurrencies–Bitcoin, MonaCoin and Bitcoin Cash–from the firm’s hot wallets, which are cryptocurrency addresses where funds for immediate transactions are held. Investigations are ongoing.
References:
[1] PM Lee warns of bitcoin scam site using his name
[2] Second site flagged for using fake comments attributed to DPM Tharman to solicit bitcoin investments
[3] Japan's hacked crypto exchange says US$62 million worth of coins stolen
[4] Zaif cryptocurrency exchange loses $60 million in recent hack
Japanese cryptocurrency firm Tech Bureau Corp said it lost US$62 million worth of digital currencies after its Zaif exchange was hacked on 14 September. Hackers had stolen three types of cryptocurrencies–Bitcoin, MonaCoin and Bitcoin Cash–from the firm’s hot wallets, which are cryptocurrency addresses where funds for immediate transactions are held. Investigations are ongoing.
References:
[1] PM Lee warns of bitcoin scam site using his name
[2] Second site flagged for using fake comments attributed to DPM Tharman to solicit bitcoin investments
[3] Japan's hacked crypto exchange says US$62 million worth of coins stolen
[4] Zaif cryptocurrency exchange loses $60 million in recent hack
More Weekly Cyber Newsanalysis and insights

Weekly Comments
MageCart skimmer attacks continue to be in the limelight this week. Online tech retailer Newegg and ABS-CBN, one of the largest media and entertainment groups in the Philippines, are the latest MageCart victims after attackers injected the skimmer on their websites to pilfer credit card details.

Financial Aid Office of U.S. Department of Education Hit By Phishing Attack
The U.S. Department of Education’s financial aid office was hit by a phishing campaign that attempted to obtain access to student accounts at several colleges.

ABS-CBN Sites Compromised By MageCart Skimmer, China Arrests Suspect For Huazhu Group Data Breach
ABS-CBN, one of the largest media and entertainment groups in the Philippines, took down two of its online shopping sites last week after they were found infected by the MageCart skimmer.

KrisFlyer Air Miles Sold in Dark Web Marketplaces, Chinese Police Arrest 21 Over Data Theft at Alibaba’s Delivery Arm
Comparitech, a UK tech research company, found several dark web marketplaces peddling frequent flyer miles from airline reward programmes, including Kris Flyer, Delta SkyMiles, and British Airways.

Suspected Pegasus Spyware Infection Found in Singapore, ICA Warns of Fake Visa Application Site
Researchers found suspected infection of the Pegasus spyware in 45 countries, including Singapore.

SingHealth Cyber Attacker Entered Network In August Last Year, TheDarkOverLord Resurfaces With Stolen Patient Records
Further investigation into the cyberattack on SingHealth, which compromised the personal and health data of 1.5 million patients, showed that the attacker had entered the healthcare group’s network as early as August last year by infecting workstations with malware.
Ensign Consulting
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services
Ensign Labs
Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence