We discovered that one of our employee wallets used for OTC trades was hacked. This event is not related to Cashaa UK, but to Cashaa operations in India.
Cashaa is the largest crypto-friendly neo-bank based in London, providing banking services to thousands of businesses from the crypto industry. Cashaa also deals in Bitcoin OTC operations and works with all major exchanges in India. Globally, all the relationship managers deal in cryptocurrency transactions and use the list of wallets approved by our security team.
No security breach was found in the Cashaa wallet or website (www.cashaa.com).
It was a malware attack which gave control of our employee's computer, with active sessions open in the browser. So far, more than 337 Bitcoins have been collected by the hacker, which can be spread to exchanges and converted into national currency. The Bitcoin was collected at the address 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek, from where it is spreading into multiple wallets.
The incident took place on 10th July 2020 with our relationship manager, currently located in East Delhi, who was using a computer with a Windows operating system. On 2nd July 2020, the employee also reported to our IT team that his MacBook had issues and stopped working. Due to the unavailability of his work laptop, he started using his personal computer. We also found out that he stopped using the Multisig wallet after he started working from home due to the COVID-19 lockdown and switched to a Blockchain.com wallet. Our team has taken a snapshot of his computer for further investigation. The employee has been suspended for not following the company policies and procedures.
As soon as our employee found out that there were multiple transfers which he could not recognise, he filed a cybercrime incident report with the Delhi crime bureau, with acknowledgement number 20807200031555, under the cryptocurrency crime category.
All our partners and customers have joined together to give out a strong message to hackers that cashing out hacked Bitcoin is not going to be easy. We got successful confirmation from Indian exchanges such as WazirX, CoinDCX and BitBNS, and from international exchanges like Binance, Huobi, OKEx, Bitfinex, MXC and many more, who have blacklisted the hacker address.
There is no interruption in our banking services across the globe; all business accounts are working without any interruption. However, we have stopped all crypto transactions, and users will not be able to withdraw cryptocurrencies until further notice.