ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.
The threat group (codenamed UNC1069) has deployed seven malicious software suites, including newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers exploit compromised Telegram accounts and use AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used stolen cryptocurrency founder Telegram accounts to initiate contact and employed a so-called ClickFix attack to trick victims into executing “troubleshooting” commands containing hidden instructions.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
MrBeast Video Editor Suspended From Beast Industries Following Kalshi Insider Probe
In brief
Beast Industries suspended a video editor who was fined and issued a 2-year ban by Kalshi for insider trading.
The firm is being proactive about risks prediction markets pose, according to its CEO.
A person claiming to be the employee in question solicited funds in their
Decrypt2h ago
Less than a cent crashes liquidity of over $10,000,000; order attacks may drain Polymarket market makers
Author: Frank, PANews
An on-chain transaction costing less than $0.1 can instantly wipe out market-making orders worth tens of thousands of dollars from Polymarket's order book. This is not a theoretical scenario; it is a current reality.
In February 2026, a user revealed a new type of attack against Polymarket market makers on social media. Blogger BuBBliK described it as "elegant & brutal," because the attacker only needs to pay less than $0.1 in Gas fees on the Polygon network to complete an attack cycle in about 50 seconds, while victims—those market makers and automated trading bots placing genuine buy and sell orders on the order book—face order destruction or passive losses.
PANews has looked into
区块客5h ago
Ransomware payments decrease by 8% in 2025, but the number of attacks surge by 50%
In 2025, on-chain ransomware payments decreased by 8% to over $820 million, despite a 50% increase in attacks, marking a record year. The median payment surged by 368%, with Bitcoin remaining the preferred payment method.
TapChiBitcoin6h ago
Jane Street Crashed Luna to Buy Anthropic Shares Cheap!
There is a viral assertion circulating in crypto markets that links Jane Street, the Terra Meltdown and AI firm, Anthropic. The storyline indicates a grander institutional plan of what has occurred in the market history. It is however a mix of both proven facts and speculation, and thus it is
Coinfomania7h ago
IoTex Compensation Plan: The claim portal will be announced on February 27, and users with damages not exceeding $10,000 will receive immediate full compensation.
IoTex announces recovery and compensation plan, promising to provide 100% full compensation to affected legitimate users. Users holding specific bridging assets can apply for compensation; those with assets totaling less than $10,000 can receive immediate reimbursement, while those with more than $10,000 will be compensated in phases and receive additional rewards. Claim and fund recovery information will be released on February 27.
GateNews8h ago
