Home > Quick > Body

Analysis: North Korean hackers use inducement to run malicious programs to break into systems, have stolen $1.60 billion cryptocurrency this year

clock
2025-08-05 01:16:49
On August 5th, according to research by Google Cloud and cyber security company Wiz, North Korean hackers are infiltrating cloud systems through fake IT job offers, and are expected to steal $1.60 billion worth of cryptocurrency in 2025. The research shows that the hacker team codenamed UNC4899 (also known as TraderTraitor, Jade Sleet or Slow Pisces) used social media to impersonate recruiters and lure target corporate employees to run malicious programs, successfully invade Google Cloud and AWS systems and hijack cryptocurrency trading hosts. Wiz said that TraderTraitor represents a certain type of threat activity, rather than a specific group. North Korean-backed entities Lazarus Group, APT38, BlueNoroff, and Stardust Chollima are all behind typical TraderTraitor attacks.
The attack pattern has continued to evolve since 2020: early use of JavaScript to build malicious cryptographic applications, introduction of open-source code exploits in 2023, and 2024 to focus on attacks on exchange cloud infrastructure, including an intrusion that caused the loss of $305 million in Japanese DMM Bitcoin. Experts point out that North Korean hackers are the first to use AI technology to generate phishing emails and malicious scripts, and their attack team may be thousands of people.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
New Tab Page - Desk3 | Plugin
Stay ahead of the game in the cryptocurrency space.