A cyberattack on our system penetrated a vulnerable machine belonging to a ‘Cashaa India OTC’ employee. Within microseconds, all the funds in that account were wiped out in the first transaction signed.
Cashaa is a crypto-friendly neo-bank based in London that provides banking services to businesses in the crypto industry. Cashaa also handles Bitcoin OTC operations and works with all major exchanges in India.
There has been no security breach of the Cashaa wallet or website (www.cashaa.com).
The incident occurred on 10th July 2020 and involved one of our OTC Transaction managers, based in East Delhi, India. On 8th July 2020, the employee had reported a malfunction of the machine provided to him by the company. He therefore requested to operate from his personal computer and set up multiple alternative online wallets on various platforms such as Blockchain.com, Huobi etc. We made an exception and allowed him to do so, keeping ‘customer experience’ in mind for the ongoing OTC deals/transactions. After the mishap, the investigation team secured the affected system for further investigation, and the employee has been suspended until the end of the investigation.
Hackers gained control of our employee’s computer, which had active sessions open in the browser. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still determining all the methods that may have been used. The Bitcoins were transferred to 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek (Bitcoin Blockchain Address), from where they are being spread into multiple wallets.
The local management of Cashaa India OTC took action as soon as the employee reported the issue and conducted a preliminary internal investigation. They filed a cybercrime incident report with the Delhi Cyber Crime Bureau, acknowledgement number 20807200031555, under the cryptocurrency crime category.
We reached out to the community for support with the facts we had identified in our internal investigation. Our aim was to make everyone aware of the incident and to prevent the hacker from taking our funds by getting this address and all related transactions BLOCKED. All our partners and customers have joined together to send a strong message to hackers that cashing out hacked Bitcoin is not going to be easy. We received confirmation from Indian exchanges such as WazirX, CoinDCX and BitBNS, and from international exchanges such as Binance, Huobi, OKEx, Bitfinex, MXC and many more, that they have blacklisted the hacker’s address.
We will conduct a thorough security review and policy checks on all our OTC managers globally as a safety precaution. The review will include all parts of our systems, policies and procedures through which OTC traders are managed. We will post updates frequently as we progress.
There is no interruption in our banking services across the globe; all accounts are working without any interruption. I thank everyone for the support and hard work.