Some executives of 360, China's largest security company, were sentenced to three years in prison and their probation periods were extended. The charges included exploiting the Yapi remote code execution vulnerability to gain unauthorized access to a cryptocurrency website and, surprisingly, stealing the 3015.9 Dash (DASH) altcoin.
The detailed scheme was revealed between February 9-20, 2023. Criminals identified as Hongmou, Yangmou and Zhangmou managed to infiltrate the target cryptocurrency website by exploiting the Yapi vulnerability. Once inside, they took control of intranet servers through horizontal infiltration and Trojan planting. They then downloaded and analyzed the server's source code to find the victim's cryptocurrency wallet address and private key.
With this information, they created a fake instruction to transfer cryptocurrencies from the victim's wallet. The stolen Dash coins were later exchanged for other cryptocurrencies and sold, generating more than 2.5 million yuan of illegal income.
DASH is trading around $23 at the time of writing. This means that the total value of the stolen DASH tokens is approximately 70 thousand.
*This is not investment advice.