The theft of $600,000 from Fortress Trust, a digital asset custodian, has been linked to a phishing attack on a cloud vendor. According to a Reuters report, the funds were stolen from Fortress Trust on December 6th when attackers forged the credentials of a customer and used them to transfer funds from an outside account into one allegedly owned by the hacker.
The FBI has launched an investigation into the incident, which included analyzing digital evidence from the cloud vendor. The bureau reportedly traced the attack back to a phishing attack on the cloud vendor that was responsible for securing Fortress Trust’s accounts.
The FBI is reportedly working with the cloud vendor to determine how the attacker acquired access to the customer’s credentials. It is believed that the attacker targeted a weak link in Fortress Trust’s security chain. The criminal likely gained access to the cloud vendor’s credentials through the phishing attack and was then able to access Fortress Trust’s wallets and transfer the funds.
The stolen funds had reportedly been moved through multiple addresses before ending up in an unknown wallet. It is believed that the funds were then sent to a darknet market.
Fortress Trust is working with law enforcement and security experts to identify and recover the stolen funds. The company has also issued a statement urging customers to review its security measures and ensure that their credentials are secure.
Cryptocurrency thefts and scams have become increasingly common as digital asset investment has surged in recent years. It is essential that investors take the necessary steps to protect their digital assets and remain vigilant of any suspicious activity.