Hacking of an electronic currency exchange service

The owners of a e-currency exchange service contacted the HackControl team regarding the hacking of their exchange’s API and the theft of electronic cash. Cyber Investigation of this incident discovered the exploitation of a HeartBleed vulnerability and a number of other vulnerabilities, including weak passwords, that had helped the attacker get a root access to the server. This gave them access via API to the  Perfect Money payment system, allowing them to transfer funds to a fake wallet and then exchange them for bitcoins.

We did a full security audit of the server, removed third-party code and shells, updated software, connected Cloudflare CDN and configured a firewall and special nginx server security headers.

Additionally, we:

  • Added  extra verification for suspicious payments
  • Configured security certificates to enter on the website
  • Configured access control lists 
  • Configured access to the server with a key instead of a passwords

Our team of security engineers tested the logical part of the system, updated  access to accounts, recovered passwords and helped with the administration of some of the resources. 

Contact us