One of the leading cryptocurrency exchanges, which recently underwent a failed attempt to hack, revealed some information about the investigation of the Viacoin artificial pumps and the location of hackers. So, after analyzing the list of domains serving phishing copies of crypto-exchange services and comparing them with the IP-address (22.214.171.124), which was used to create API keys, Binance discovered that the attack was made from Russian Lipetsk.
In Binance stressed that attackers could use VPN-services to hide their personalities and location, which implies that Lipetsk can only be a cover. Nevertheless, the representatives of the exchange are almost sure that hackers live in Eastern Europe.
As stated in the statement, the operation was most likely carried out by a group of hackers, but Binance does not completely exclude the possibility that the organization is dealing with a single person.
The two domains to which most phishing sites are tied are registered with a certain Kireev Sergey Valerievich and Victoria Belinskaia. These domains have already surfaced in the case of the phishing site of the Bittrex cryptoexchange.
Recall, Binance promised a reward of $ 250,000 for information that could lead to the detention of hackers.