North Korean Hackers Exploit Dev Device, Steal Millions in Crypto

In 2025, the North Korea-linked group UNC4899 tricked a developer via AirDrop, executed a malicious Python script and binary disguised as a Kubernetes CLI tool, pivoted to the cloud, altered MFA settings, harvested credentials and stole millions in cryptocurrency. The attack underscores the supply-chain and developer-targeting risk facing crypto infrastructure (CEX/DEX, DeFi), with threat actors increasingly deploying AI-assisted malware and fake freelancers to breach projects and exfiltrate sensitive databases.
- UNC4899 tricked a developer via AirDrop, pivoted to the cloud, and stole millions in cryptocurrency.
- The hackers ran a binary disguised as a Kubernetes CLI tool, altered MFA settings, and accessed sensitive databases to steal digital assets.
- North Korea-linked groups increasingly use AI malware and fake freelancers to target blockchain developers.
A North Korean threat actor, UNC4899, launched a sophisticated attack on a cryptocurrency firm in 2025, stealing millions in digital assets. The hackers tricked a developer into downloading a seemingly legitimate archive as part of an open-source collaboration.
The developer transferred the archive to a corporate device using AirDrop. Once there, the embedded malicious Python code executed a binary masquerading as a Kubernetes command-line tool. This backdoor enabled the attackers to pivot to the cloud, harvest credentials, and manipulate critical infrastructure.…
Originally published as "North Korean Hackers Exploit Dev Device, Steal Millions in Crypto" on Coin Edition.