The world of cryptocurrencies is not new to the concept of a hack. However, a data breach isn’t heard of as much. Malta today reported the first case of privacy breach wherein the Trident Crypto Fund was the victim of a large-scale data leak, according to reports. According to the Technical Director of cybersecurity firm, DeviceLock, Ashot Oganesyan, the breach resulted in the leak of 10,000 users’ records and took advantage of vulnerabilities found on the foundation’s website.
According to the information provided by the Technical Director, the data of about 266,000 people registered with the fund was posted on numerous file sharing websites, post the hack. As per the report,
“…this is the largest data leak on crypto depositors from the Russian Federation. The database contains e-mails and passwords of customers, with the help of which fraudsters can log into their personal account and withdraw money invested in their electronic wallets.”
This database was posted online on 20 February and on 3 March, the hackers were able to decrypt and publish a list of 120,000 passwords. When one of the victims of the breach was reached out to, they confirmed a connection to Trident Crypto Fund. However, the user had not invested in the Fund and had merely registered for a seminar.
The fund appeared to offer its clients the top-10 crypto indexes to invest in which were calculated by the Fund. It claimed that an investment through it would incur high returns. As noted by the report, its fund index grew by 1400% in 2017 while BTC, in its bull run, had noted only 800% growth.
The report added takes from Alexei Krichevsky, an expert at the Academy of Finance and Investment Management, who noted that the leak took place from a crypto-fund which was not even in the top 20 of 900 crypto-funds. He added,
“…the infrastructure of both sites and the protection of cryptocurrency funds is simpler than, for example, banks and other financial companies. Therefore, further leaks can be expected in the future.”