Mandiant: North Korean hacking groups are increasing social engineering attacks targeting cryptocurrency and fintech companies

ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.

The threat group, tracked as UNC1069, has deployed seven malicious software suites, including the newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers use compromised Telegram accounts and AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used stolen cryptocurrency-founder Telegram accounts to initiate contact and employed a so-called ClickFix attack, tricking victims into executing “troubleshooting” commands that contained hidden instructions.
