Google reveals North Korea-linked hackers use "Ethereum hiding" techniques for cryptocurrency theft and sensitive information collection
Jinse Finance reported that Google Threat Intelligence Group (GTIG) released investigation results on the 17th, stating that the North Korea-linked hacker group UNC5324 is using a new technique called "Ether Hiding" to steal cryptocurrencies and collect sensitive information. The group emphasized that this investigation is the first time the "Ether Hiding" technique, which uses public decentralized blockchains to hide malware, has been found to be abused by state-sponsored threat actors, which is of significant importance. GTIG detected that UNC5324 lured developers into installing malware through a social engineering attack campaign called "Contagious Interview" by Palo Alto Networks. This attack affected multiple operating systems including Windows, macOS, and Linux through a multi-stage malware infection process. The attackers stored the malware on immutable blockchains and invoked it in a "read-only" manner, thereby continuously issuing control commands and manipulating victim systems anonymously.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
「BTC OG Insider Whale」 Agent: Bitcoin, ETH Set to Surge, First Targets at $106,000 and $4,500
Stacks officially launches USDCx, bringing native institutional-grade USD liquidity to Bitcoin L2
Trending news
MoreGrayscale: By 2025, the stablecoin supply will reach $300 billion, with an average monthly trading volume of $1.1 trillion, benefiting multiple token assets
Grayscale: Stablecoin supply to reach $300 billions and average monthly trading volume to hit $1.1 trillions in 2025, with multiple token assets set to benefit
Crypto prices
More
