Exchange employee downloads pirated film, hacker takes advantage of breach and steals $7 million from the company

An employee of cryptocurrency exchange 2gether ended up being responsible for a $7 million theft from the platform.

He downloaded a “freak” movie in which Trojan-type malware was hidden. Thus, through the pirated movie, the malware managed to penetrate the exchange’s systems and steal more than $7 million in BTC and ETH, as revealed in the final report of the Spanish Police investigation.

In an official statement, the police force said that the Department of Cyber ​​Crimes team had arrested five people suspected of being related to the hack.

Although the investigation and arrests took place on Wednesday (22), the attack on 2gether, a Madrid-based startup focused on cryptocurrency buying, selling and custody services, took place in late July 2020.

According to the communiqué,Through an operation called 3Coin, the police discovered that the attackers used a computer virus of the RAT (Remote Access Trojan) type to access 2gether’s internal network.

Cryptocurrency theft

Although the employee opened the door to hackers, the attackers revealed that they spent about six months investigating the company’s operation before committing the theft.

“Once they knew all the procedures, characteristics and structure of the company, the hackers accessed the system using an interposed computer network to order the transfer of assets to a wallet under their control,” the police said in the statement.

During an investigation into the company’s computers, the police were able to identify the website operator with which the malware communicated. Subsequently, investigators found the other four people, who allegedly received part of the stolen cryptocurrencies.

In addition, the police revealed that they began to investigate another person, who was allegedly “exerting control” over the leader of the group “through the consumption of drugs linked to a ritual called Sapo Bufo” (alleged initiation trip with a hallucinogen).

The 2gether hack affected around 5,500 users trading on the platform. The company had to face several complaints from those affected and even an attempt at class action.

To maintain its operation, the exchange resorted to crowdfunding, raising 1.2 million euros.