Secretive Hacking Group Targeted Bitcoin Firms, Research Shows

Screen-Shot-2015-07-09-at-3.50.03-PM
9 July 2015

A secretive hacking group known as Wild Neutron has targeted a range of businesses worldwide including bitcoin companies, two top cybersecurity firms have reported.

Twin studies published by Kapersky Lab and Symantec state that the group, alternatively known as Morpho or Jripbot, has been involved in a number of high-profile attacks on companies like Apple, Google and Facebook, among many others.

While no specific firms were named, Kapersky released an infographic including bitcoin companies among a list of businesses targeted by the shadowy group.

Kapersky Graph

The group, which the security firms suggest is not backed by any particular nation-state and appears to be focused on stealing corporate secrets, has also targeted jihadist forums, spyware developers and firms involved in finance, mergers and acquisitions and information technology.

Research director Costin Raiu said in a statement:

“Wild Neutron is a skilled and quite versatile group. Active since 2011, it has been using at least one zero-day exploit, custom malware and tools for Windows and OS X. Even though in the past it has attacked some of the most prominent companies in the world, it has managed to keep a relatively low profile via solid operational security which has so far eluded most attribution efforts.”

The group first emerged in 2013, and according to Symantec’s research, has targeted firms based primarily in the US, Canada and Europe. Kapersky reported that, as of now, the origin of Wild Neutron “remains a mystery”.

Images via Kapersky Lab, Shutterstock