ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.
The threat group (codenamed UNC1069) has deployed seven malicious software suites, including the newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers exploit compromised Telegram accounts and use AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used Telegram accounts stolen from cryptocurrency founders to initiate contact and employed a so-called ClickFix attack to trick victims into executing “troubleshooting” commands containing hidden instructions.