Recently, the popular Vietnamese crypto trading platform ONUS sustained a large-scale cyberattack after threat actors exploited its payment system running on a vulnerable Log4j version. ONUS provides multiple applications for buying, selling, and managing cryptocurrencies. In an official release, the company stated unknown hackers illicitly accessed and stole certain critical corporate data.
“Through a security hole, a third party was able to gain unauthorized access to and steal certain critical ONUS data,” ONUS said.
Log4j or Log4Shell is a critical vulnerability found in the widely used Apache Log4j Library. The flaw allows hackers to run any code on vulnerable machines or hack into any application directly using the Log4j framework.
Log4j Flaw Exploited
The intrusion allegedly exploited the infamous vulnerability in a set of libraries on the ONUS system to penetrate the sandbox server, which contains the organization’s critical data. The flaw enabled attackers to access the data storage system (Amazon S3) and steal some essential data, exposing many users’ data to security risks. The compromised information includes user names, email addresses, phone numbers, addresses, KYC information, encrypted passwords, transaction history, and other encrypted information.
Also Read: Log4j Explained: How It Is Exploited and How to Fix It
Mitigation
While the actors behind the attack are unknown, ONUS stated it had engaged a cybersecurity experts team to investigate the security incident. The company urged its customers to update their account credentials to prevent further damage immediately.
“To ensure our users’ safety, the ONUS team has actively worked with security experts to find vulnerabilities, thoroughly fix them, and implement additional methods to improve the whole system’s security. We also carried out an upgrade to the asset management and storage system (ONUS Custody). In addition, to limit the risks that may be encountered in the future, please change your ONUS application password,” ONUS added.
Also Read: Scammers Force Victims to Use Crypto ATMs and QR Codes
Crypto Platforms on Hackers’ Radar
Cryptocurrency exchanges and hot wallets continue to become a primary target for threat actors. Recently, the cryptocurrency trading platform BitMart stated that it had sustained a large-scale security breach that affected its hot wallets on the Ethereum (ETH) blockchain and the Binance smart chain (BSC). The attackers reportedly stole cryptocurrencies worth over $150 Mn. Blockchain security and data analytics firm PeckShield claimed that the estimated loss would be around $200 Mn.
