How Hackers Are Trying So Hard To Steal Your Startup’s Funds

A fresh round of seed funding from a venture capital firm is a big reason for a startup to celebrate. However, don’t celebrate too early: experienced hackers are now trying their hand at bigger targets, namely startups’ seed funds. In a real-life case, cyber security firm Check Point revealed that a Chinese venture capital firm and an Israeli startup were recently defrauded of $1 million through a classic “Man-In-The-Middle (MITM) attack”.

While the Chinese venture capital firm actually wired $1 million to the startup, the young Israeli CEO and CFO never received it. Check Point did not reveal the names of either party, as it is investigating the fraud.

A day on the internet, according to the World Bank — Source: World Bank, World Development Report 2016 team, http://www.internetlivestats.com/one-second (as compiled on May 29, 2015)

“A Chinese venture capital firm was alerted by their bank that there was an issue with one of their recent wire transactions. A few days later, a young Israeli startup realised they didn’t receive their $1 million seed funding. Both sides got on the phone and quickly realized that their money was stolen,” said Check Point in a statement. 

Both parties were quick to figure out that something strange was going on with the emails between them. “Some of the emails were modified and some were not even written by them,” it said.

Check Point revealed that a few months before the money transfer was made, the attacker noticed an email thread announcing the upcoming multi-million dollar seed funding and decided to intervene.

 
“Instead of just monitoring the emails by creating an auto forwarding rule, as is seen in the usual BEC (Business Email Compromise) cases, this attacker decided to register 2 new lookalike domains. The first domain was essentially the same as the Israeli startup domain, but with an additional ‘s’ added to the end of the domain name. The second domain closely resembled that of the Chinese VC company, but once again added an ‘s’ to the end of the domain name,” it reported. 

“The attacker then sent two emails with the same headline as the original thread. The first email was sent to the Chinese VC company from the Israeli lookalike domain spoofing the email address of the Israeli startup’s CEO. The second email was sent to the Israeli startup from the lookalike Chinese VC company domain spoofing the VC account manager that handled this investment,” it explained. 

Incidence of cyber attacks on UK firms. Source: UK Government.

This is how the attacker was able to carry out the classic “Man-In-The-Middle (MITM) attack.” Every email sent by each side was in reality sent to the attacker, who then tweaked the conversation as per his needs and diverted the money. “Throughout the entire course of this attack, the attacker sent 18 emails to the Chinese side and 14 to the Israeli side,” it added.
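The lookalike domains described above differ from the genuine ones by a single added “s”, which is the kind of near-match a mail filter can flag before anyone acts on changed bank details. The following check is an added example, not code from Check Point or from this article; the domains `startup.example` and `vcfirm.example` and all function names are constructed placeholders, since the real parties were not named.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed placeholder domains; the article does not name the real ones.
TRUSTED_DOMAINS = {"startup.example", "vcfirm.example"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def lookalike_of(domain, trusted=TRUSTED_DOMAINS, max_distance=1):
    """Return the trusted domain that `domain` imitates, or None."""
    domain = domain.lower().rstrip(".")
    if domain in trusted:
        return None  # exact match is the genuine partner
    for good in sorted(trusted):
        if edit_distance(domain, good) <= max_distance:
            return good  # e.g. one extra 's' appended
    return None

def check_message(raw, trusted=TRUSTED_DOMAINS):
    """Return (header, address, imitated_domain) for each suspicious sender header."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To", "Return-Path"):
        for value in msg.get_all(header, []):
            addr = parseaddr(value)[1]
            domain = addr.rpartition("@")[2]
            hit = lookalike_of(domain, trusted) if domain else None
            if hit:
                findings.append((header, addr, hit))
    return findings

# Constructed sample message modelled on the scenario in the article.
SAMPLE_SPOOFED = """From: CEO <ceo@startups.example>
To: manager@vcfirm.example
Subject: Re: Seed round wire details

Please use the updated bank details.
"""

if __name__ == "__main__":
    print(check_message(SAMPLE_SPOOFED))
```

A hit on any of these headers is a reason to confirm payment details over a separately known phone number before wiring funds.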

 

Charles Rapulu Udoh

Charles Rapulu Udoh is a Lagos-based lawyer with a special focus on Business Law, Intellectual Property Rights, Entertainment and Technology Law. He is also an award-winning writer. Working for notable organizations has exposed him to some of the industry’s best practices in business, finance strategies, law, dispute resolution, and data analytics, both in Nigeria and across the world.