Secretive Hacking Group Targeted Bitcoin Firms, Research Shows

A secretive hacking group known as Wild Neutron has targeted a range of businesses worldwide including bitcoin companies.

AccessTimeIconJul 9, 2015 at 7:56 p.m. UTC
Updated May 9, 2023 at 3:02 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

A secretive hacking group known as Wild Neutron has targeted a range of businesses worldwide including bitcoin companies, two top cybersecurity firms have reported.

Twin studies published by Kapersky Lab and Symantec state that the group, alternatively known as Morpho or Jripbot, has been involved in a number of high-profile attacks on companies like Apple, Google and Facebook, among many others.

  • SEC Asking for Ether ETF Filings Update Is 'Somewhat Surprising': Legal Expert
    00:38
    SEC Asking for Ether ETF Filings Update Is 'Somewhat Surprising': Legal Expert
  • MOG Rallies on Anticipation of Spot Ether ETF Approval
    00:56
    MOG Rallies on Anticipation of Spot Ether ETF Approval
  • Ether Jumps on Spot ETF Hopes; Hex Trust Issues Stablecoin on Flare
    01:59
    Ether Jumps on Spot ETF Hopes; Hex Trust Issues Stablecoin on Flare
  • 'Sky Is the Limit' for Bitcoin: Expert
    00:53
    'Sky Is the Limit' for Bitcoin: Expert
  • While no specific firms were named, Kapersky released an infographic including bitcoin companies among a list of businesses targeted by the shadowy group.

    Kapersky Graph
    Kapersky Graph

    The group, which the security firms suggest is not backed by any particular nation-state and appears to be focused on stealing corporate secrets, has also targeted jihadist forums, spyware developers and firms involved in finance, mergers and acquisitions and information technology.

    Research director Costin Raiu said in a statement:

    “Wild Neutron is a skilled and quite versatile group. Active since 2011, it has been using at least one zero-day exploit, custom malware and tools for Windows and OS X. Even though in the past it has attacked some of the most prominent companies in the world, it has managed to keep a relatively low profile via solid operational security which has so far eluded most attribution efforts."

    The group first emerged in 2013, and according to Symantec's research, has targeted firms based primarily in the US, Canada and Europe. Kapersky reported that, as of now, the origin of Wild Neutron "remains a mystery".

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.