One of the leading crypto-currency exchanges, which recently experienced a failed hacking attempt, revealed some information about the investigation of the Viacoin artificial pampas and the location of hackers. Thus, after analyzing the list of domains serving phishing copies of cryptoexchange services and comparing them with the IP-address (220.127.116.11), which was used to create API keys, Binance discovered that the attack was made from Russian Lipetsk.
Binance stressed that attackers could use VPN-services to hide their personalities and location, which implies that Lipetsk can only be a cover. Nevertheless, the representatives of the exchange are almost sure that hackers live in Eastern Europe.
As stated in the statement, the operation was most likely carried out by a group of hackers, but Binance does not completely exclude the possibility that the organization is dealing with a single person.
The two domains to which most phishing sites are tied are registered with a certain Kireev Sergey Valerievich and Victoria Belinskaya. These domains have already surfaced in the case of the phishing site of the Bittrex crypto exchange.