NorthKoreaHackers
108,004 views
66 Discussing
Hot
Latest
💣Crypto Shockwave: CoinMarketCap Hacked & $11M Stolen by North Korea! 🧨
🚨 Millions at Risk! CoinMarketCap Breach + North Korean Hack Attack Explode Crypto Chaos 🔐
CoinMarketCap, the go-to crypto site for millions, suffered a shocking security breach on June 20. Hackers injected malicious JavaScript into the site’s rotating “Doodles” animation, which showed users a fake wallet “verification” pop-up. Anyone who clicked it was redirected to a wallet drainer named “Impersonator,” silently stealing tokens. The attack worked by exploiting the JSON configuration of the doodles, likely via a flaw in their animation engine. Although CoinMarketCap quickly removed the code and patched the site, many users who approved transactions could already be compromised. 😨
Security experts revealed that this was a highly planned attack, likely involving backend access, making it more dangerous than a typical scam. The malicious wallet address receiving funds has been identified, and crypto users are strongly advised to revoke any recent wallet permissions and stay alert when visiting familiar websites. One user summed it up on X: “You’re just checking a site you visit every day — no red flags, no warning. That’s what makes it so dangerous.” 🧠💻
On top of that, Taiwanese crypto exchange BitoPro also confirmed a $11 million hack linked to North Korea’s Lazarus Group. The hackers used social engineering to infect an employee's device, bypassed multi-factor authentication, and injected malicious scripts into the hot wallet system during a routine update on May 8. The stolen assets were moved across Ethereum $ETH , Solana $SOL , Tron $TRX , and other blockchains, then laundered through mixers like Tornado Cash. With threats from both front-end breaches and state-sponsored attackers, it’s a tough week for the crypto world. 🌍🔓
#CoinMarketCap #Hacked #NorthKoreaHackers
CoinMarketCap, the go-to crypto site for millions, suffered a shocking security breach on June 20. Hackers injected malicious JavaScript into the site’s rotating “Doodles” animation, which showed users a fake wallet “verification” pop-up. Anyone who clicked it was redirected to a wallet drainer named “Impersonator,” silently stealing tokens. The attack worked by exploiting the JSON configuration of the doodles, likely via a flaw in their animation engine. Although CoinMarketCap quickly removed the code and patched the site, many users who approved transactions could already be compromised. 😨
Security experts revealed that this was a highly planned attack, likely involving backend access, making it more dangerous than a typical scam. The malicious wallet address receiving funds has been identified, and crypto users are strongly advised to revoke any recent wallet permissions and stay alert when visiting familiar websites. One user summed it up on X: “You’re just checking a site you visit every day — no red flags, no warning. That’s what makes it so dangerous.” 🧠💻
On top of that, Taiwanese crypto exchange BitoPro also confirmed a $11 million hack linked to North Korea’s Lazarus Group. The hackers used social engineering to infect an employee's device, bypassed multi-factor authentication, and injected malicious scripts into the hot wallet system during a routine update on May 8. The stolen assets were moved across Ethereum $ETH , Solana $SOL , Tron $TRX , and other blockchains, then laundered through mixers like Tornado Cash. With threats from both front-end breaches and state-sponsored attackers, it’s a tough week for the crypto world. 🌍🔓
#CoinMarketCap #Hacked #NorthKoreaHackers
⚠️ Hacked by a Fake Job? North Korea’s New Malware Steals Your Crypto in Seconds! 💣💼
💣 New Malware Targets Blockchain Workers — Fake Jobs, Real Threats! 🧠🔐
North Korean hackers are at it again — this time with a sneaky new trick targeting professionals in the crypto industry! 🇰🇵💻 A hacking group known as “Famous Chollima” (aka “Wagemole”) has been using fake job offers to lure crypto experts into downloading a nasty piece of malware called PylangGhost. According to Cisco Talos, this malware is designed to remotely control your computer and steal passwords from crypto wallets and browser extensions like MetaMask, 1Password, and more. 😨🔑
These cybercriminals are impersonating major companies like Coinbase and Uniswap by setting up fake websites and posing as recruiters. Once victims are hooked, they’re guided through a bogus interview process and tricked into running malicious code on their system — all under the pretense of installing a “video driver.” Once the malware is in, it grabs login details, takes screenshots, steals data, and keeps the door open for further attacks. 📷📂🕵️
This isn’t the first time North Korean hackers have pulled this kind of stunt. Similar scams were seen in April, where fake recruitment tests were used to hack developers in the crypto space. As crypto adoption grows, so does the interest from cybercriminals. So, if you're job-hunting in the blockchain world, double-check those offers and never run unknown code — your crypto stash could depend on it! 🔒🛡️
#cryptohacks #NorthKoreaHackers $BTC
North Korean hackers are at it again — this time with a sneaky new trick targeting professionals in the crypto industry! 🇰🇵💻 A hacking group known as “Famous Chollima” (aka “Wagemole”) has been using fake job offers to lure crypto experts into downloading a nasty piece of malware called PylangGhost. According to Cisco Talos, this malware is designed to remotely control your computer and steal passwords from crypto wallets and browser extensions like MetaMask, 1Password, and more. 😨🔑
These cybercriminals are impersonating major companies like Coinbase and Uniswap by setting up fake websites and posing as recruiters. Once victims are hooked, they’re guided through a bogus interview process and tricked into running malicious code on their system — all under the pretense of installing a “video driver.” Once the malware is in, it grabs login details, takes screenshots, steals data, and keeps the door open for further attacks. 📷📂🕵️
This isn’t the first time North Korean hackers have pulled this kind of stunt. Similar scams were seen in April, where fake recruitment tests were used to hack developers in the crypto space. As crypto adoption grows, so does the interest from cybercriminals. So, if you're job-hunting in the blockchain world, double-check those offers and never run unknown code — your crypto stash could depend on it! 🔒🛡️
#cryptohacks #NorthKoreaHackers $BTC
North Korean Hackers Use Fake Job Applications to Target Crypto Workers with Malware
A North Korean state-linked hacking group is deploying a sophisticated cyber campaign aimed at infiltrating top crypto firms through fake job application processes, according to new research by Cisco Talos.
The group, known as Famous Chollima, is distributing a Python-based remote access trojan (RAT) dubbed PylangGhost, which is disguised as part of a fake hiring process. Victims—primarily blockchain professionals in India—are being lured via polished fake career sites impersonating companies like Coinbase, Robinhood, and Uniswap.
Once a candidate fills out basic information and completes a staged technical assessment, they’re prompted to run a terminal command that secretly installs the malware. The malicious code is bundled inside a ZIP file that contains a renamed Python interpreter (nvidia.py), Visual Basic scripts, and multiple modules enabling full system access, including file transfer, browser data theft, and credential harvesting.
The PylangGhost malware is a rewrite of the earlier GolangGhost RAT, retaining similar naming conventions and functionalities, but tailored for Windows systems. Mac users are still being targeted with the original Golang version, while Linux systems remain largely unaffected.
Cisco notes that while there's no direct evidence of corporate network compromise, the broader goal appears to be preemptive infiltration—gaining access to individuals before they’re hired into sensitive roles at major firms.
The malware’s design allows it to extract credentials, session cookies, and wallet data from more than 80 popular browser extensions, including MetaMask, Phantom, and 1Password. All data transfers are routed via RC4-encrypted HTTP packets—an outdated and vulnerable encryption method.
This campaign highlights the increasing sophistication of cyber operations linked to the DPRK, with malware now embedded in social engineering attacks targeting both individual and institutional actors in the crypto ecosystem.
#NorthKoreaHackers
The group, known as Famous Chollima, is distributing a Python-based remote access trojan (RAT) dubbed PylangGhost, which is disguised as part of a fake hiring process. Victims—primarily blockchain professionals in India—are being lured via polished fake career sites impersonating companies like Coinbase, Robinhood, and Uniswap.
Once a candidate fills out basic information and completes a staged technical assessment, they’re prompted to run a terminal command that secretly installs the malware. The malicious code is bundled inside a ZIP file that contains a renamed Python interpreter (nvidia.py), Visual Basic scripts, and multiple modules enabling full system access, including file transfer, browser data theft, and credential harvesting.
The PylangGhost malware is a rewrite of the earlier GolangGhost RAT, retaining similar naming conventions and functionalities, but tailored for Windows systems. Mac users are still being targeted with the original Golang version, while Linux systems remain largely unaffected.
Cisco notes that while there's no direct evidence of corporate network compromise, the broader goal appears to be preemptive infiltration—gaining access to individuals before they’re hired into sensitive roles at major firms.
The malware’s design allows it to extract credentials, session cookies, and wallet data from more than 80 popular browser extensions, including MetaMask, Phantom, and 1Password. All data transfers are routed via RC4-encrypted HTTP packets—an outdated and vulnerable encryption method.
This campaign highlights the increasing sophistication of cyber operations linked to the DPRK, with malware now embedded in social engineering attacks targeting both individual and institutional actors in the crypto ecosystem.
#NorthKoreaHackers
🚨 Security Alert: North Korean Developer Gains Access to Waves Protocol Codebase
According to PANews, a North Korean-linked developer has reportedly gained elevated access to the Keeper-Wallet codebase within the Waves Protocol.
🔍 Key Findings:
The developer account in question, 'AhegaoXXX', has been actively pushing updates since May 2025 to a previously dormant branch.
The account is reportedly tied to a North Korean IT outsourcing firm.
A code review flagged one update that could transmit wallet logs and runtime errors to an external database, raising concerns over mnemonic phrase and private key leakage.
🧪 Additional Threats:
Though the malicious code has not been merged, the attacker:
Published six outdated but malicious NPM packages
Gained access via the compromised account of former Waves engineer Maxim Smolyakov
🧠 Implications:
This incident signifies a tactical shift in North Korean cyber operations — from covert outsourcing participation to direct control of open-source codebases.
🛡️ Recommended Actions for Dev Teams:
Audit contributor permissions regularly
Remove or restrict dormant/unused accounts
Monitor code repository redirects and package updates
Implement robust supply chain defense mechanisms
⚠️ For Users:
While the number of affected downloads remains low, users updating the Keeper-Wallet may face credential exposure risks. Exercise caution and await official updates from the Waves team.
Stay alert. Strengthen your security posture. Supply chain attacks are evolving.
#CyberSecurity #CryptoSecurity #NorthKoreaHackers #BlockchainSecurity #CryptoClause
According to PANews, a North Korean-linked developer has reportedly gained elevated access to the Keeper-Wallet codebase within the Waves Protocol.
🔍 Key Findings:
The developer account in question, 'AhegaoXXX', has been actively pushing updates since May 2025 to a previously dormant branch.
The account is reportedly tied to a North Korean IT outsourcing firm.
A code review flagged one update that could transmit wallet logs and runtime errors to an external database, raising concerns over mnemonic phrase and private key leakage.
🧪 Additional Threats:
Though the malicious code has not been merged, the attacker:
Published six outdated but malicious NPM packages
Gained access via the compromised account of former Waves engineer Maxim Smolyakov
🧠 Implications:
This incident signifies a tactical shift in North Korean cyber operations — from covert outsourcing participation to direct control of open-source codebases.
🛡️ Recommended Actions for Dev Teams:
Audit contributor permissions regularly
Remove or restrict dormant/unused accounts
Monitor code repository redirects and package updates
Implement robust supply chain defense mechanisms
⚠️ For Users:
While the number of affected downloads remains low, users updating the Keeper-Wallet may face credential exposure risks. Exercise caution and await official updates from the Waves team.
Stay alert. Strengthen your security posture. Supply chain attacks are evolving.
#CyberSecurity #CryptoSecurity #NorthKoreaHackers #BlockchainSecurity #CryptoClause
See original
South Korea punishes 15 North Koreans for cryptocurrency theft and cyber theft
The sanctioned agents are accused of generating funds for North Korea's nuclear weapons development program.
North Korean hackers are being pursued by governments around the world and are blamed for over half of the cryptocurrency value stolen in 2024.
#NorthKoreaHackers
The sanctioned agents are accused of generating funds for North Korea's nuclear weapons development program.
North Korean hackers are being pursued by governments around the world and are blamed for over half of the cryptocurrency value stolen in 2024.
#NorthKoreaHackers
🚨 North Korea is likely behind the $1.5bn Bybit hack, researchers say:
🤔Is it's true 👇👇👇👇👇👇👇.
#BybitSecurityBreach #NorthKoreaHackers #Alert🔴 #Binance #market
🤔Is it's true 👇👇👇👇👇👇👇.
#BybitSecurityBreach #NorthKoreaHackers #Alert🔴 #Binance #market
Bybit Cold Wallet Hack & North Korea's 1.5 Billion ETH Strategic Reserves: A Coincidence or a Master Plan?
In a shocking development that has sent ripples through the cryptocurrency community, Bybit, one of the leading global crypto exchanges, has confirmed a massive hack targeting its cold wallet. The breach reportedly led to the theft of around 1.5 billion ETH, a staggering amount of digital assets, raising eyebrows across the industry. The news of the hack has shaken investor confidence, and security protocols for exchanges are now under intense scrutiny.
Adding another layer of intrigue, just days after the hack, North Korea made headlines by announcing the establishment of 1.5 billion ETH in its own "strategic reserves." While the details are still murky, sources suggest that this is a significant move by the North Korean regime to bolster its cyber capabilities, and some speculate that the two events may be linked.
With North Korea’s well-documented history of cyberattacks and digital asset thefts, the timing of these announcements has sparked speculation about potential involvement in the hack. The fact that both incidents revolve around 1.5 billion ETH has left many wondering: Is it a mere coincidence, or is there a larger geopolitical strategy at play?
Experts are divided on the issue. Some believe the breach could be the work of highly skilled hackers with access to sophisticated tools, possibly state-sponsored. Others think that North Korea’s announcement might be a propaganda play, leveraging the hack to highlight its growing influence in the digital currency space.
The situation remains fluid, but one thing is clear: as crypto evolves, the intersection of national security, cybersecurity, and digital currencies becomes increasingly complex. Investors and regulators alike will be watching closely to see how this saga unfolds.
#BybitSecurityBreach #NorthKoreaHackers #ETH $ETH $BTC $XRP
In a shocking development that has sent ripples through the cryptocurrency community, Bybit, one of the leading global crypto exchanges, has confirmed a massive hack targeting its cold wallet. The breach reportedly led to the theft of around 1.5 billion ETH, a staggering amount of digital assets, raising eyebrows across the industry. The news of the hack has shaken investor confidence, and security protocols for exchanges are now under intense scrutiny.
Adding another layer of intrigue, just days after the hack, North Korea made headlines by announcing the establishment of 1.5 billion ETH in its own "strategic reserves." While the details are still murky, sources suggest that this is a significant move by the North Korean regime to bolster its cyber capabilities, and some speculate that the two events may be linked.
With North Korea’s well-documented history of cyberattacks and digital asset thefts, the timing of these announcements has sparked speculation about potential involvement in the hack. The fact that both incidents revolve around 1.5 billion ETH has left many wondering: Is it a mere coincidence, or is there a larger geopolitical strategy at play?
Experts are divided on the issue. Some believe the breach could be the work of highly skilled hackers with access to sophisticated tools, possibly state-sponsored. Others think that North Korea’s announcement might be a propaganda play, leveraging the hack to highlight its growing influence in the digital currency space.
The situation remains fluid, but one thing is clear: as crypto evolves, the intersection of national security, cybersecurity, and digital currencies becomes increasingly complex. Investors and regulators alike will be watching closely to see how this saga unfolds.
#BybitSecurityBreach #NorthKoreaHackers #ETH $ETH $BTC $XRP
See original
🌐💰 Even North Korea is not safe from crypto traps! 💸🐸
In a mysterious move, North Korean hackers used the (hacked!) Tornado Cash interface to launder $3.1 million of stolen funds, only to later find out that they invested this amount in buying 437.6 billion of PEPE coins 🐸🚀. But the biggest surprise? 🤯 North Korea itself was scammed! It turned out they used a hacked version of the platform, resulting in the loss of some funds during the process! 🔥🎭
Even the most complex criminal minds cannot escape the madness of the crypto world! 🤡💥
#StablecoinSurge #TelegramFounderToLeaveFrance #KaitoXAccountHacked #pepe⚡ #NorthKoreaHackers $PEPE
In a mysterious move, North Korean hackers used the (hacked!) Tornado Cash interface to launder $3.1 million of stolen funds, only to later find out that they invested this amount in buying 437.6 billion of PEPE coins 🐸🚀. But the biggest surprise? 🤯 North Korea itself was scammed! It turned out they used a hacked version of the platform, resulting in the loss of some funds during the process! 🔥🎭
Even the most complex criminal minds cannot escape the madness of the crypto world! 🤡💥
#StablecoinSurge #TelegramFounderToLeaveFrance #KaitoXAccountHacked #pepe⚡ #NorthKoreaHackers $PEPE
**🚨 U.S. Targets Cambodian Company Aiding North Korea’s Crypto Crimes 💸**
The U.S. says Huione Group (Cambodia) helped North Korea’s hackers (Lazarus Group 👾) hide stolen crypto money. Quick facts:
- U.S. Move: Stop Huione from using U.S. banks 🏦 to block illegal crypto-to-cash schemes.
- $4 Billion Dirty Money :
→ 🐷 $36M from scams (people tricked into fake crypto deals).
→ 💻 $37M from North Korea’s stolen crypto.
- Secret Tool: Huione made USDH, a “stablecoin” tied to dollars that can’t be frozen 🚫, helping hide illegal cash.
- Cambodia Acted: Banned Huione’s crypto work in March 2024.
Why It’s Important: To stop bad actors like North Korea from using crypto for illegal funding 🌍.
Your thoughts? Should stablecoins be regulated harder? 👇
#crypto #NorthKoreaHackers
The U.S. says Huione Group (Cambodia) helped North Korea’s hackers (Lazarus Group 👾) hide stolen crypto money. Quick facts:
- U.S. Move: Stop Huione from using U.S. banks 🏦 to block illegal crypto-to-cash schemes.
- $4 Billion Dirty Money :
→ 🐷 $36M from scams (people tricked into fake crypto deals).
→ 💻 $37M from North Korea’s stolen crypto.
- Secret Tool: Huione made USDH, a “stablecoin” tied to dollars that can’t be frozen 🚫, helping hide illegal cash.
- Cambodia Acted: Banned Huione’s crypto work in March 2024.
Why It’s Important: To stop bad actors like North Korea from using crypto for illegal funding 🌍.
Your thoughts? Should stablecoins be regulated harder? 👇
#crypto #NorthKoreaHackers
North Korea’s 5,000-Ton Choe Hyon-Class Destroyer Sinks During Inauguration
North Korea's highly anticipated naval advancement turned into a national embarrassment as the new Choe Hyon-class destroyer capsized during its launch ceremony in front of Kim Jong Un. Designed as a symbol of rising maritime strength, the 5,000-ton warship never made it to sea. Reports suggest a critical failure in the launch mechanism caused the vessel to tip and sink.
Kim has condemned the incident as a “criminal act” and is reportedly furious with former Russian Defense Minister Sergei Shoigu, blaming Russian naval technology for the catastrophic failure.
North Korea's highly anticipated naval advancement turned into a national embarrassment as the new Choe Hyon-class destroyer capsized during its launch ceremony in front of Kim Jong Un. Designed as a symbol of rising maritime strength, the 5,000-ton warship never made it to sea. Reports suggest a critical failure in the launch mechanism caused the vessel to tip and sink.
Kim has condemned the incident as a “criminal act” and is reportedly furious with former Russian Defense Minister Sergei Shoigu, blaming Russian naval technology for the catastrophic failure.
See original
Lazarus Group (a hacker group supported by North Korea 🇰🇵) launched an attack on the OKX DEX platform! 🚨
The attack led to a temporary suspension of service by OKX, which is a popular cryptocurrency exchange. The Lazarus Group is known to be one of the most dangerous groups on the internet, carrying out attacks targeting cryptocurrency platforms and stealing users' funds to finance the North Korean regime.
#TonRally #Lazarus #NorthKoreaHackers #BTC #bitcoin
$BTC
The attack led to a temporary suspension of service by OKX, which is a popular cryptocurrency exchange. The Lazarus Group is known to be one of the most dangerous groups on the internet, carrying out attacks targeting cryptocurrency platforms and stealing users' funds to finance the North Korean regime.
#TonRally #Lazarus #NorthKoreaHackers #BTC #bitcoin
$BTC
North Korean Hackers Use Fake U.S. Firms to Target Crypto Devs
North Korean hacking groups have once again demonstrated how dangerously sophisticated they can be. This time, they’ve set their sights on crypto developers — posing as legitimate U.S.-based companies with one goal: to infect victims’ systems with malware.
🎭 Two Fake Companies. One Malicious Scheme.
Cybersecurity firm Silent Push has revealed that North Korean hackers created two LLCs — Blocknovas LLC in New Mexico and Softglide LLC in New York — pretending to be recruiters in the crypto industry. These companies sent “job offers” that contained malicious code. The notorious Lazarus Group, linked to North Korea’s intelligence services, is believed to be behind the operation.
A third entity, Angeloper Agency, showed the same digital fingerprint, though it wasn’t officially registered.
🧠 Malware That Steals Crypto Wallets
Once unsuspecting developers opened the infected files, the malware began harvesting login credentials, wallet keys, and other sensitive data. According to Silent Push’s report, multiple victims have already been identified — most linked to the Blocknovas domain, which was by far the most active.
The FBI has seized the domain and issued a warning that similar aliases may reappear soon.
💸 Covert Funding for North Korea’s Missile Program
According to U.S. officials, the ultimate goal of the scheme is simple: generate hard currency to fund North Korea’s nuclear weapons program. Intelligence sources say Pyongyang has been deploying thousands of IT operatives abroad to illegally raise funds through fraudulent schemes.
This case is especially troubling because it shows that North Korean hackers managed to set up legal companies inside the United States, a rare and alarming development.
🔐 Three Malware Families, One Lazarus Signature
Analysts found that the job files contained at least three known malware families, capable of opening backdoors, downloading additional malicious payloads, and stealing sensitive information. These tactics align closely with past attacks by the Lazarus Group.
⚠️ FBI Warning: Be Cautious of "Too Good to Be True" Job Offers
Federal agents emphasize that this case is a chilling reminder of how North Korea continues to evolve its cyber threats. Tech and cybersecurity professionals should thoroughly vet unsolicited job offers, especially those from unfamiliar companies. Developers infected by these schemes could lose cryptocurrency or unknowingly grant hackers access to larger systems and exchanges.
#HackerAlert , #CyberSecurity , #NorthKoreaHackers , #CryptoSecurity , #CryptoNewss
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🎭 Two Fake Companies. One Malicious Scheme.
Cybersecurity firm Silent Push has revealed that North Korean hackers created two LLCs — Blocknovas LLC in New Mexico and Softglide LLC in New York — pretending to be recruiters in the crypto industry. These companies sent “job offers” that contained malicious code. The notorious Lazarus Group, linked to North Korea’s intelligence services, is believed to be behind the operation.
A third entity, Angeloper Agency, showed the same digital fingerprint, though it wasn’t officially registered.
🧠 Malware That Steals Crypto Wallets
Once unsuspecting developers opened the infected files, the malware began harvesting login credentials, wallet keys, and other sensitive data. According to Silent Push’s report, multiple victims have already been identified — most linked to the Blocknovas domain, which was by far the most active.
The FBI has seized the domain and issued a warning that similar aliases may reappear soon.
💸 Covert Funding for North Korea’s Missile Program
According to U.S. officials, the ultimate goal of the scheme is simple: generate hard currency to fund North Korea’s nuclear weapons program. Intelligence sources say Pyongyang has been deploying thousands of IT operatives abroad to illegally raise funds through fraudulent schemes.
This case is especially troubling because it shows that North Korean hackers managed to set up legal companies inside the United States, a rare and alarming development.
🔐 Three Malware Families, One Lazarus Signature
Analysts found that the job files contained at least three known malware families, capable of opening backdoors, downloading additional malicious payloads, and stealing sensitive information. These tactics align closely with past attacks by the Lazarus Group.
⚠️ FBI Warning: Be Cautious of "Too Good to Be True" Job Offers
Federal agents emphasize that this case is a chilling reminder of how North Korea continues to evolve its cyber threats. Tech and cybersecurity professionals should thoroughly vet unsolicited job offers, especially those from unfamiliar companies. Developers infected by these schemes could lose cryptocurrency or unknowingly grant hackers access to larger systems and exchanges.
#HackerAlert , #CyberSecurity , #NorthKoreaHackers , #CryptoSecurity , #CryptoNewss
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🚨 $5.2M+ in Crypto Allegedly Stolen by North Korean Hackers! 🕵️♂️🪙
According to PANews and investigator ZachXBT, a major crypto theft has occurred—allegedly carried out by North Korean DPRK-linked hackers.
What we know so far:
🔐 Victim's multi-sig wallets, exchange accounts, and regular addresses were compromised
💸 Over $5.2 million siphoned off
🌪️ Hackers used Tornado Cash to launder 1,000 ETH and hide the trail
🧬 Suspected wallet addresses:
▪️ 0x9d42a049f88f1db4b304441081aff7c40d857bea
▪️ 0x4be5023ad49573a544a9a4109e4f1880a32fe5c3
▪️ 0x31088345396d0cf00a81a3e3b8e8c5bb8ec768a3
This attack highlights the ongoing threat of state-sponsored cybercrime in the crypto space.
Stay alert. Stay secure.
🔒 Double-check your wallet security and avoid centralized risks.
#CryptoSecurity #ZachXBT #NorthKoreaHackers #BlockchainNews #cryptohacks #TornadoCash #DeFiSecurity #PANews #Web3Alert #HackerNews #CryptoUpdate #CyberThreats
According to PANews and investigator ZachXBT, a major crypto theft has occurred—allegedly carried out by North Korean DPRK-linked hackers.
What we know so far:
🔐 Victim's multi-sig wallets, exchange accounts, and regular addresses were compromised
💸 Over $5.2 million siphoned off
🌪️ Hackers used Tornado Cash to launder 1,000 ETH and hide the trail
🧬 Suspected wallet addresses:
▪️ 0x9d42a049f88f1db4b304441081aff7c40d857bea
▪️ 0x4be5023ad49573a544a9a4109e4f1880a32fe5c3
▪️ 0x31088345396d0cf00a81a3e3b8e8c5bb8ec768a3
This attack highlights the ongoing threat of state-sponsored cybercrime in the crypto space.
Stay alert. Stay secure.
🔒 Double-check your wallet security and avoid centralized risks.
#CryptoSecurity #ZachXBT #NorthKoreaHackers #BlockchainNews #cryptohacks #TornadoCash #DeFiSecurity #PANews #Web3Alert #HackerNews #CryptoUpdate #CyberThreats
North Korea's Lazarus Group behind the $1.2 Billion Ethereum Heist. 🇰🇵
A massive $1.19 billion crypto theft has shaken the industry, with North Korea’s Lazarus Group accused of hacking an Ethereum wallet on Bybit. The February 23 attack caused Ethereum’s price to drop 4%, reigniting concerns over exchange security.
Blockchain forensics firm Arkham Intelligence linked the breach to Lazarus, known for funding Pyongyang through cybercrime. Bybit CEO Zhou confirmed 350,000 withdrawal requests but assured users that assets remained secure. Recovery efforts face challenges despite global law enforcement involvement.
The heist follows North Korea’s growing reliance on crypto theft, with Lazarus previously orchestrating billion-dollar breaches, including the $625M Ronin Network hack. Experts stress the need for multi-signature wallets, AI-driven security, and stronger regulatory collaboration to combat state-backed cyber threats.
#NorthKoreaHackers #northkorea #LazarusGroup #Lazarus #Ethereum $ETH
A massive $1.19 billion crypto theft has shaken the industry, with North Korea’s Lazarus Group accused of hacking an Ethereum wallet on Bybit. The February 23 attack caused Ethereum’s price to drop 4%, reigniting concerns over exchange security.
Blockchain forensics firm Arkham Intelligence linked the breach to Lazarus, known for funding Pyongyang through cybercrime. Bybit CEO Zhou confirmed 350,000 withdrawal requests but assured users that assets remained secure. Recovery efforts face challenges despite global law enforcement involvement.
The heist follows North Korea’s growing reliance on crypto theft, with Lazarus previously orchestrating billion-dollar breaches, including the $625M Ronin Network hack. Experts stress the need for multi-signature wallets, AI-driven security, and stronger regulatory collaboration to combat state-backed cyber threats.
#NorthKoreaHackers #northkorea #LazarusGroup #Lazarus #Ethereum $ETH
HERE ARE THE LATEST CRYPTOCURRENCY NEWS UPDATES FOR March 11, 2025:
i.Singapore Exchange Plans Bitcoin Futures Listing
The Singapore Exchange (SGX) intends to introduce open-ended bitcoin futures contracts in the latter half of 2025. This initiative is targeted at institutional clients and professional investors, aiming to "significantly expand institutional market access." Retail investors will not have access to these instruments.
ii. European Concerns Over U.S. Cryptocurrency Policies
Eurozone finance ministers have expressed apprehension regarding the U.S. administration's pro-cryptocurrency stance, fearing it could undermine the eurozone's monetary sovereignty and financial stability. President Donald Trump's executive order to establish a strategic cryptocurrency reserve marks a significant policy shift, prompting European officials to expedite discussions on a digital euro to safeguard economic sovereignty.
iii.North Korean Hackers and the $1.5 Billion Crypto Heist
The Lazarus Group, a North Korean hacking collective, has reportedly extracted $300 million from a recent $1.5 billion cryptocurrency heist—the largest in history. The stolen funds are allegedly intended to support North Korea's nuclear program, with hackers working tirelessly to convert the remaining cryptocurrency into cash.
iv.Cryptocurrency Market Trends
Cryptocurrency values are on the rise, with Bitcoin surpassing $90,000. Enthusiasts are keenly observing whether Bitcoin can exceed its previous record high of $109,135.
#NorthKoreaHackers #SingaporeCryptoTrend
#usacryptopolicy
#BTC
i.Singapore Exchange Plans Bitcoin Futures Listing
The Singapore Exchange (SGX) intends to introduce open-ended bitcoin futures contracts in the latter half of 2025. This initiative is targeted at institutional clients and professional investors, aiming to "significantly expand institutional market access." Retail investors will not have access to these instruments.
ii. European Concerns Over U.S. Cryptocurrency Policies
Eurozone finance ministers have expressed apprehension regarding the U.S. administration's pro-cryptocurrency stance, fearing it could undermine the eurozone's monetary sovereignty and financial stability. President Donald Trump's executive order to establish a strategic cryptocurrency reserve marks a significant policy shift, prompting European officials to expedite discussions on a digital euro to safeguard economic sovereignty.
iii.North Korean Hackers and the $1.5 Billion Crypto Heist
The Lazarus Group, a North Korean hacking collective, has reportedly extracted $300 million from a recent $1.5 billion cryptocurrency heist—the largest in history. The stolen funds are allegedly intended to support North Korea's nuclear program, with hackers working tirelessly to convert the remaining cryptocurrency into cash.
iv.Cryptocurrency Market Trends
Cryptocurrency values are on the rise, with Bitcoin surpassing $90,000. Enthusiasts are keenly observing whether Bitcoin can exceed its previous record high of $109,135.
#NorthKoreaHackers #SingaporeCryptoTrend
#usacryptopolicy
#BTC
⚠️ SECURITY ALERT!
North Korean IT workers are stepping up cyberattacks across Europe, targeting blockchain projects like those on Solana, according to a Google Cloud report.
Operatives pose as remote developers using fake identities, securing roles to access critical systems and steal sensitive data.
One operative was found juggling 12 fake personas across the U.S. and Europe, building fake references and even vouching for themselves through other controlled identities.
Their skills span blockchain, AI, and full-stack dev, including work on Solana apps, Anchor smart contracts, and CosmosSDK.
#NorthKoreaHackers
North Korean IT workers are stepping up cyberattacks across Europe, targeting blockchain projects like those on Solana, according to a Google Cloud report.
Operatives pose as remote developers using fake identities, securing roles to access critical systems and steal sensitive data.
One operative was found juggling 12 fake personas across the U.S. and Europe, building fake references and even vouching for themselves through other controlled identities.
Their skills span blockchain, AI, and full-stack dev, including work on Solana apps, Anchor smart contracts, and CosmosSDK.
#NorthKoreaHackers
North Korea-Linked Hackers Exploit Radiant Capital for $50 Million Through Social Engineering
North Korean Hackers Orchestrate Sophisticated Attack
A recent postmortem report reveals that North Korea-backed hackers, identified as UNC4736 (also known as Citrine Sleet), exploited Radiant Capital in a $50 million attack. The operation involved advanced social engineering tactics, with the attackers impersonating a "trusted former contractor" and distributing malware via a zipped PDF file.
Phishing Through Fake Domains and Data Manipulation
The hackers created a fake domain mimicking a legitimate Radiant Capital contractor and reached out to the Radiant team through Telegram. They requested feedback on an alleged smart contract audit project. However, the shared file concealed INLETDRIFT malware, which created macOS backdoors, granting the hackers access to hardware wallets of at least three Radiant developers.
Manipulated Transactions and Compromised Security
During the attack on October 16, the malware tampered with the Safe{Wallet} interface (formerly Gnosis Safe), displaying legitimate transaction data to developers while executing malicious transactions in the background. Despite adhering to stringent security protocols like Tenderly simulations and Standard Operating Procedures (SOP), the attackers successfully compromised multiple developer devices.
UNC4736’s Links to North Korea
According to cybersecurity firm Mandiant, UNC4736 is connected to North Korea's General Reconnaissance Bureau. This group is notorious for targeting cryptocurrency companies and financial institutions globally.
North Korean Hackers Fund Nuclear Programs
The Federal Bureau of Investigation (FBI) has previously warned about North Korean hackers’ sophisticated tactics, including targeting cryptocurrency exchanges and prominent firms. Research indicates that these state-backed groups have stolen approximately $3 billion from the cryptocurrency sector since 2017. The stolen funds are reportedly used to finance North Korea's nuclear weapons program.
A Concerning Trend in Cybersecurity
This case highlights the increasing sophistication of cyberattacks, as hackers deploy social engineering and advanced tools to target cryptocurrency firms. Radiant Capital fell victim to a meticulously planned operation, underscoring the urgent need for enhanced security measures within the crypto industry.
#CryptoNewss , #NorthKoreaHackers , #hackers , #Cryptoscam , #CryptoSecurity
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
A recent postmortem report reveals that North Korea-backed hackers, identified as UNC4736 (also known as Citrine Sleet), exploited Radiant Capital in a $50 million attack. The operation involved advanced social engineering tactics, with the attackers impersonating a "trusted former contractor" and distributing malware via a zipped PDF file.
Phishing Through Fake Domains and Data Manipulation
The hackers created a fake domain mimicking a legitimate Radiant Capital contractor and reached out to the Radiant team through Telegram. They requested feedback on an alleged smart contract audit project. However, the shared file concealed INLETDRIFT malware, which created macOS backdoors, granting the hackers access to hardware wallets of at least three Radiant developers.
Manipulated Transactions and Compromised Security
During the attack on October 16, the malware tampered with the Safe{Wallet} interface (formerly Gnosis Safe), displaying legitimate transaction data to developers while executing malicious transactions in the background. Despite adhering to stringent security protocols like Tenderly simulations and Standard Operating Procedures (SOP), the attackers successfully compromised multiple developer devices.
UNC4736’s Links to North Korea
According to cybersecurity firm Mandiant, UNC4736 is connected to North Korea's General Reconnaissance Bureau. This group is notorious for targeting cryptocurrency companies and financial institutions globally.
North Korean Hackers Fund Nuclear Programs
The Federal Bureau of Investigation (FBI) has previously warned about North Korean hackers’ sophisticated tactics, including targeting cryptocurrency exchanges and prominent firms. Research indicates that these state-backed groups have stolen approximately $3 billion from the cryptocurrency sector since 2017. The stolen funds are reportedly used to finance North Korea's nuclear weapons program.
A Concerning Trend in Cybersecurity
This case highlights the increasing sophistication of cyberattacks, as hackers deploy social engineering and advanced tools to target cryptocurrency firms. Radiant Capital fell victim to a meticulously planned operation, underscoring the urgent need for enhanced security measures within the crypto industry.
#CryptoNewss , #NorthKoreaHackers , #hackers , #Cryptoscam , #CryptoSecurity
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
The notorious North Korean hacking group, Lazarus, has reportedly set its sights on another target in the decentralized finance (DeFi) space: the OKX DEX aggregator service. The major cryptocurrency exchange has taken swift action, temporarily suspending the service to implement security upgrades and address vulnerabilities.
#OKx #Lazarus #NorthKoreaHackers #Write2Earn
#OKx #Lazarus #NorthKoreaHackers #Write2Earn
#CryptoSecurity101 🚨 CRYPTO SECURITY ALERT: June 2025**
➤ $2.2B Stolen in 2024 (60% tied to North Korean hackers!)
➤ Physical Threats Rising: "Wrench attacks" hit U.S., France & beyond
➤ Fighting Back:
- 🤖 AI blockchain surveillance
- 🔐 Biometric air-gapped wallets
- 👥 Multi-sig + social recovery
- 🛡️ Crypto insurance coverage
➤ Quantum Future-Proofing:
NIST’s 2024 quantum-resistant standards underway!
⚠️ YOUR ACTION PLAN:
Layer tech + insurance + physical safety.
Is your portfolio shielded?
👇 Share your security strategy!
#CryptoSecurity #NorthKoreaHackers #QuantumCrypto
➤ $2.2B Stolen in 2024 (60% tied to North Korean hackers!)
➤ Physical Threats Rising: "Wrench attacks" hit U.S., France & beyond
➤ Fighting Back:
- 🤖 AI blockchain surveillance
- 🔐 Biometric air-gapped wallets
- 👥 Multi-sig + social recovery
- 🛡️ Crypto insurance coverage
➤ Quantum Future-Proofing:
NIST’s 2024 quantum-resistant standards underway!
⚠️ YOUR ACTION PLAN:
Layer tech + insurance + physical safety.
Is your portfolio shielded?
👇 Share your security strategy!
#CryptoSecurity #NorthKoreaHackers #QuantumCrypto
🚨 North Korean Hackers Allegedly Acquire PEPE Tokens via Tornado Cash 🚨
Blockchain investigator ZachXBT has reported that North Korean hackers allegedly used Tornado Cash on March 11 to mix stolen funds before purchasing 437.6 billion PEPE tokens (worth ~$3.1 million).
🔍 Further investigations, including Lookonchain monitoring, revealed that three wallets recently bought 689.79 billion PEPE (~$4.3 million) using funds traced back to Tornado Cash.
💰 With growing concerns over illicit crypto transactions, this revelation raises serious security and regulatory questions.
What are your thoughts on this? 👇
#crypto #blockchain #PEPE #NorthKoreaHackers #TornadoCash
Blockchain investigator ZachXBT has reported that North Korean hackers allegedly used Tornado Cash on March 11 to mix stolen funds before purchasing 437.6 billion PEPE tokens (worth ~$3.1 million).
🔍 Further investigations, including Lookonchain monitoring, revealed that three wallets recently bought 689.79 billion PEPE (~$4.3 million) using funds traced back to Tornado Cash.
💰 With growing concerns over illicit crypto transactions, this revelation raises serious security and regulatory questions.
What are your thoughts on this? 👇
#crypto #blockchain #PEPE #NorthKoreaHackers #TornadoCash
Login to explore more contents