ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.
The threat group (codenamed UNC1069) has deployed seven malicious software suites, including newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers exploit compromised Telegram accounts and use AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used stolen cryptocurrency founder Telegram accounts to initiate contact and employed a so-called ClickFix attack to trick victims into executing “troubleshooting” commands containing hidden instructions.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Drift hacked for $280 million—legal action! A U.S. law firm files a class-action lawsuit against Circle, alleging it allowed hackers to launder money without freezing funds
A U.S. law firm Gibbs Mura is launching an investigation into a class-action lawsuit regarding the April 1 Drift Protocol hack, alleging that stablecoin issuer USDC’s issuer Circle failed to freeze $230 million of the stolen funds. The firm will investigate Circle’s alleged double standards in the incident and its monitoring vulnerabilities. This case is expected to have a major impact on the legal liability of stablecoin issuers.
動區BlockTempo3h ago
Phantom Wallet Crashes Big Time! During the Airdrop Period, Token Prices Get Thrown Off, Balances Go to Zero—Users Blast the “Losses”
Phantom, a wallet in the Solana ecosystem, experienced a service outage during the airdrop, causing abnormal token price and account balance displays and affecting users’ transactions. Some users therefore incurred losses and are demanding compensation. Security experts warn of the risk of phishing attacks and advise users to verify on-chain data. Although the issue has been fixed, the trust crisis still needs to be monitored. This incident highlights the challenges self-custody wallets face in terms of system stability and user experience.
区块客5h ago
Circle Responds to the Drift Protocol Hack: USDC Freezing Must Be Executed Legally, Urges Faster Crypto Legislation
Circle’s Chief Strategy Officer Dante Disparte responded to the Drift Protocol theft incident, emphasizing that freezing USDC is being carried out according to law, calling for stronger coordination between law and technology, and suggesting that DeFi protocols should draw on protection mechanisms from traditional markets to advance legal protection of property rights and financial privacy.
GateNews6h ago
Aethir prevents cross-chain bridge exploit attacks, losses controlled at $90k, and commits to compensate
Decentralized GPU cloud computing platform Aethir confirmed that its Ethereum bridge contract was attacked, with losses kept within $90k. The team promptly disconnected the contract and worked with exchanges to deal with the hacker wallets. The attacker used a cross-chain smart contract to move funds. Aethir plans to announce a compensation plan next week, and revenue is expected to reach $127.8 million in 2025.
GateNews7h ago
Bitcoin Depot Discloses $3.6M BTC Theft After Hack on Settlement Accounts
Bitcoin Depot reported a security breach where hackers stole 50.9 BTC, worth approximately $3.6 million, by compromising internal settlement account credentials. This incident highlights vulnerabilities in crypto companies' operational infrastructure, emphasizing the need for enhanced security measures.
CryptoNewsFlash9h ago
Aethir Successfully Thwarts an ATH Token Cross-Chain Bridge Attack, with User Losses Below $90k
Aethir issued a security advisory on April 10, confirming that it successfully blocked a malicious attack on the ATH token cross-chain bridge contract, with losses under $90k. All affected contracts have been disconnected, and the core circulating supply remains intact. Aethir will work with trading platforms and law enforcement agencies to support the freezing of funds and the identification and tracking of the attacker, and it will publish investigation updates and a compensation plan in its Discord community.
GateNews10h ago
