In this talk, I plan to present overview of the recent APT attacks against employees of cryptocurrency exchanges. Attackers took extra care on its social engineering skills while also using advanced malware and two 0-day exploits. This talk will give an overview of the attack. It will explain what kind of social engineering tricks they used to deceive even skilled programmers, where hacked into a famous university's student/staff account to abuse their infrastructure for the social engineering. It will also include what kind of preparation were necessary for the attackers to plot this attack, how normal it looked to the victim, what tricks they used to avoid detection from security team, security team's capabilities/limitations/how we should protect our assets from these kind of attacks. And also, a brief analysis of the backdoors used.