Hyundai Conglomerate’s Mining Pool Hacked

Avi Rosten
  • The company, part of a subsidiary of the giant Hyundai conglomerate suffered a hack to its mining pool
  • According to local media reports the company has suspended withdrawals for the time being

A prominent South Korean mining pool was hacked yesterday with the pool operator HDAC - a company operated by Hyundai BS&C, a subsidiary of the Korean car manufacturer’s conglomerate - forced to temporarily suspend withdrawals as a result.

Tokenpost, a local cryptocurrency news site in South Korea, reported that the mining pool suffered a server breach that allowed hackers access to the mining pool, and today confirmed that withdrawals are still on hold until the full scale and nature of the hack have been established.

Hyundai BS&C’s fintech wing - HyundaiPay - was quick to distance itself from the attack, commenting that:

“The cryptocurrency mining pool of HDAC has no connections to HyundaiPay and its ventures. The HyundaiPay team has no knowledge of the security breach and it does not intervene in the operations of the mining pool. The HDAC blockchain itself is not impacted by the breach,” a HyundaiPay spokesperson said.Currently, there are 299 individuals in the HDAC cryptocurrency mining pool and not all of the participants have been affected. While HyundaiPay cannot provide exact details in regards to the reach of the hack, the team estimates that the vast majority of miners have been affected.”

HyundaiPay

Blockchain in the Automotive Industry

This latest hack notwithstanding, the Hyundai conglomerate has been actively involved in the sector, developing blockchain networks and dencentralised applications.

While the conglomerate is yet to apply the tech to its automotive wing, other industry giants have been quick to get onboard with the new tech.

Earlier this month four of the world’s biggest car manufacturers - BMW, Ford, General Motors and Renault joined the Mobility Open Blockchain Initiative (MOBI) - a new blockchain research group that is attempting to make use of distributed ledgers to improve the industry, and boasts leading crypto partners such as the IOTA foundation.

Ledger User Allegedly Loses $16,000 to Malicious Browser Extension

A Twitter user going by WizardofAus has warned the cryptocurrency community a malicious browser extension is trying to steal from Ledger wallet users, and already took $16,000 from one.

According to the Twitter user, the extension “Ledger Secure” contains malware that passes users’ seed phrases to the extension’s creator, effectively giving them access to the funds stored on the Ledger wallet.

In one case the user mentioned, someone with the handle “hackedzec,” alluding to what happened, claimed the extension managed to steal a total of 600 ZEC from his wallet, worth around $16,000.

Ledger Support’s official Twitter account confirmed the malicious extension was indeed trying to phish users, and warned the cryptocurrency community. It further asked those who installed it to contact them.

WizardofAus advised other cryptocurrency holders to be “very careful” regarding the extensions they install on their browsers, adding that it’s better to “have a separate minimal machine - or use a Virtual Machine that is the only place you do crypto activity.”

Moreover, users should always confirm they’re using the wallet vendor’s proprietary software and double check what they’re using does indeed come from the vendor. Phishing scams are unfortunately nothing new in the cryptocurrency space, as these attacks even took $28,600 from users of the peer-to-peer exhcnage LocalBitcoins last year.

As CryptoGlobe reported, scammers have even created fake cryptocurrency trading websites to trick users into obtaining the login credentials of others on legitimate cryptocurrency exchanges. In one case, South Korean Authorities and the U.S. Federal Bureau of Investigation (FBI) uncovered a massive $800,000 phishing scam targeting XRP investors.

Featured Image Credit: Photo via Pixabay