ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.
The threat group (codenamed UNC1069) has deployed seven malicious software suites, including the newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers exploit compromised Telegram accounts and use AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used stolen Telegram accounts belonging to cryptocurrency founders to initiate contact, then employed a so-called ClickFix attack to trick victims into executing “troubleshooting” commands containing hidden instructions.