BTC-Alpha, a cryptocurrency exchange, was hit by ransomware earlier this month, and the company’s founder accused a rival. Last week, threat intelligence firm DarkTracer shared an image of a public leak site hosted by the Lockbit ransomware gang that claimed to have encrypted BTC-data Alpha’s on Twitter, sparking speculation about a possible attack.
Lockbit threatened to make the stolen information public if a ransom is not paid by December 1st. On the same day, Alpha founder and CEO Vitalii Bodnar issued a press release on PRLeap alleging that a rival cryptocurrency corporation carried out the assault. On its website, BTC-Alpha did not make any public statements.
In a Telegram discussion, BTC-Alpha revealed it had been “hacked at the November beginning,” but that work on the U.K.-based cryptocurrency network had already restarted. “Vitalii Bodnar believes that a rival was responsible for the attack,” Alpha said when questioned about Bodnar’s PR Leap statement. Though the firm did not say which rival it suspects is behind the attempt, more details about the event were shared on the exchange’s official Telegram channel.
BTC-Alpha advised customers to follow preventive measures after regular operations were restored. This involved upgrading the app, authenticating accounts, and confirming account verification when withdrawing cash, as well as establishing new API keys when the old ones were removed.
According to a Telegram video, all BTC-Alpha users will be required to use two-factor authentication (2FA), which is now obligatory. Furthermore, Alpha strongly advised against using a previous password since they believe it has been hacked.
While it does not seem that bitcoin exchanges are frequently targeted by ransomware, Emsisoft security expert Brett Callow claims this is not the first time. Many issues about the BTC-Alpha case remain unanswered, including whether file-encrypting ransomware was used and what types and volumes of data were taken.
