Google's Threat Intelligence Group (GTIG) reported on the 17th that UNC5324, a North Korea-linked hacking group, is using a new technique known as "Ether Hiding" to steal cryptocurrency and collect sensitive information.
GTIG stressed the significance of the finding: this is the first time that "Ether Hiding", a technique that uses a public decentralized blockchain to hide malicious software, has been found in use by a state-sponsored threat actor. GTIG observed UNC5324 tricking developers into installing malicious software through a social engineering campaign that Palo Alto Networks named "Contagious Interview".
The attack affected Windows, macOS, Linux and other operating systems through a multi-stage malware infection process. The attacker stored the malicious software on an immutable blockchain and retrieved it through "read-only" calls, which allowed them to issue control commands anonymously and manipulate the victim system.
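One way a defender could hunt for the read-only blockchain lookups described above, as an added example that is not from GTIG or the original article: it scans egress-proxy records for Ethereum JSON-RPC read calls (`eth_call` and similar) made by processes outside an allowlist. The log schema, the allowlist, the watched method set and every sample record are assumptions constructed for illustration.

```python
import json

# Assumption: read-only Ethereum JSON-RPC methods to watch; tune for your environment.
READ_ONLY_METHODS = {"eth_call", "eth_getStorageAt", "eth_getCode"}
# Assumption: processes on this fleet that are expected to query blockchain nodes.
ALLOWED_PROCESSES = {"chrome", "firefox"}

def rpc_methods(body):
    """Return the JSON-RPC method names in a request body (single call or batch)."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):      # missing or non-JSON body
        return []
    calls = doc if isinstance(doc, list) else [doc]
    return [c["method"] for c in calls
            if isinstance(c, dict) and isinstance(c.get("method"), str)]

def find_suspicious(lines):
    """Flag read-only blockchain lookups made by processes outside the allowlist."""
    alerts = []
    for line in lines:
        try:
            rec = json.loads(line)
        except ValueError:               # skip corrupt log lines
            continue
        hits = READ_ONLY_METHODS.intersection(rpc_methods(rec.get("body")))
        if hits and str(rec.get("process", "")).lower() not in ALLOWED_PROCESSES:
            alerts.append((rec.get("host"), rec.get("process"), rec.get("dest"), sorted(hits)))
    return alerts

def _rec(host, process, dest, payload):
    """Build one constructed proxy record (hypothetical schema)."""
    body = payload if isinstance(payload, str) else json.dumps(payload)
    return json.dumps({"host": host, "process": process, "dest": dest, "body": body})

def _call(method):
    return {"jsonrpc": "2.0", "id": 1, "method": method, "params": []}

# Constructed sample data; hosts, processes and destinations are placeholders.
SAMPLE_LOG = [
    _rec("dev-01", "node", "rpc.example.invalid", _call("eth_call")),
    _rec("dev-01", "chrome", "rpc.example.invalid", _call("eth_call")),      # allowlisted
    _rec("dev-02", "python3", "rpc.example.invalid",
         [_call("eth_blockNumber"), _call("eth_getCode")]),                  # batch request
    _rec("dev-03", "node", "api.example.invalid", "not json"),               # malformed body
    _rec("dev-04", "node", "rpc.example.invalid", _call("eth_sendRawTransaction")),  # a write
    "corrupt line",
]
```

Calling `find_suspicious(SAMPLE_LOG)` returns one alert for the `node` lookup on dev-01 and one for the batched `eth_getCode` on dev-02; the allowlisted browser, the malformed body, the write call and the corrupt line produce none.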
Google Reveals North Korean Hackers Used "Ether Hiding" Technique for Cryptocurrency Theft and Sensitive Information Collection
2025-10-17 02:46:27