Korean cryptocurrency traders are warned not to be lured to fake Korbit and Coinone cryptocurrency exchange sites, as the two cryptocurrency exchange sites have been under phishing attacks from unnamed hackers.
According to industry sources, cryptocurrency exchange Korbit on Jan. 20 alerted traders of the phishing attacks, warning them not to get access to the fake site with a domain name of korbit-kr.com. They are also warned against cheating them out of their accounts.
The fake domain site was tracked by the bchain Korea's blockchain and cryptocurrency-dedicated online news media with the help of KISA (Korea Internet & Security Agency) to find its origin county of registration, and the tracking results show that it was registered in Brazil. Its IP address was tracked to be located in Utah, the U.S.
Coinone was found to fall victims to similar phishing attacks, too, as similar domain name of coinone-kr.com has feigned to serve as a real Coinone platform.
Just search Google for Coinone, and you can fsee a disguised ad pop up, claiming itself an ad for Coinone.
If you click it, you are directed to ‘tuttomotooo.joomla.com’ site and then redirected to the phishing domain site of cpinone-kr.com. The fake site was also tracked to be registered in Sao Paulo, Brazil.
Coinone said, “The site is fake one. We have been monitoring continuously it, and found that fake sites have been mushrooming across Google, luring traders to get access to them. You must be very careful.”
Once traders get access to those fake phishing sites, their personal information are in danger to be hacked or stolen, including login ID and passwords, due to a hidden malware and then their crytocurrency accounts are put to risks of being unsafely exposed to hackers’ attacks for thefts.
The phishing attacks are nothing new to Korean cryptocurrency platforms. On Sept. 4 and 7, 2018, CoinOne was exposed to similar phishing attacks, as a fake domain name “ontouch.co.br” was disguised to work as a genuine Coinone platform domain.
UPbit also alerted traders of fake phishing site in July 2018, which feigned to operate as a genuine one, trying to direct traders to a domain name of kakao.network, which is very similar to Korea’s famous social media network platform.