ChainCatcher 消息,据 Cointelegraph 报道,隶属于 Google Cloud 的美国网络安全公司 Mandiant 发现朝鲜关联威胁组织正在加大针对加密货币和金融科技公司的社会工程攻击。
该威胁组织(代号 UNC1069)部署了七个恶意软件集合,包括新发现的 SILENCELIFT、DEEPBREATH 和 CHROMEPUSH,旨在获取敏感数据并窃取数字资产。攻击者利用被入侵的 Telegram 账户和通过人工智能生成的深度伪造视频进行虚假 Zoom 会议诱骗。自 2018 年以来,Mandiant 一直追踪该组织,但人工智能的进步帮助该组织自 2025 年 11 月起扩大了恶意活动规模。在一起入侵事件中,攻击者使用被盗的加密货币创始人 Telegram 账户发起联系,通过所谓的 ClickFix 攻击诱导受害者执行含有隐藏命令的“故障排除”指令。
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Articoli correlati
幣圈最瞎劫案?駭客鑄造10億鎂DOT幣,但只偷到23萬鎂
駭客利用 Hyperbridge 跨鏈橋漏洞鑄造10億枚 Polkadot (DOT) 代幣,名義價值超11.9億美元,但因流動性不足,最終僅套現約23.7萬美元。攻擊是因為智能合約未正確驗證訊息,讓駭客成功竊取管理權並鑄幣。事件突顯市場流動性在套利成功中的關鍵角色。
CryptoCity9h fa
Fake Ledger Live App Steals $9.5M From 50+ Users Across Multiple Blockchains
A fraudulent Ledger Live app on Apple's App Store stole $9.5 million from over 50 users by compromising wallet information. The incident, involving significant losses for major investors, raises concerns about App Store security, prompting discussions of a possible lawsuit against Apple.
GateNews11h fa
遭批凍結USDC速度太慢!Circle CEO:一定等法院命令才凍,拒絕私自凍結
Circle 執行長 Jeremy Allaire 表明,除非接獲法院命令或執法要求,否則公司不會主動凍結錢包位址。即便面臨駭客洗錢爭議與社群抨擊,Circle 仍堅持遵循法治原則營運。
Jeremy Allaire 確立 Circle 執法底線
-----------------------------
在全球加密貨幣市場風起雲湧之際,穩定幣發行商 Circle 的執行長 Jeremy Allaire 於南韓首爾的一場記者會上,針對市場最敏感的「資產凍結」議題發表了明確立場。他指出,Circle 雖然擁有技術手段可以凍結特定錢包位址,但除非收到法院命令或執法部門的正式指示,否則公司不
CryptoCity12h fa
Attacker Exploiting Bridged Polkadot Vulnerability Transfers $269K to Tornado Cash
On April 15, Arkham reported that the attacker who exploited a Bridged Polkadot vulnerability transferred around $269,000 in stolen funds to Tornado Cash, complicating asset tracking.
GateNews13h fa
Bitcoin Developers Propose BIP 361 to Protect Against Quantum Computing Threats
Bitcoin developers have proposed BIP 361 to safeguard the network against quantum computer risks by freezing vulnerable addresses. The proposal includes a phased plan to transition users to quantum-safe wallets, but it has sparked debate on user control and security.
GateNews13h fa
Hackers Exploit Obsidian Plugin to Spread PHANTOMPULSE Trojan with Blockchain C2
Elastic Security Labs revealed that threat actors impersonated venture capital firms on LinkedIn and Telegram to deploy a Windows RAT named PHANTOMPULSE, using Obsidian note vaults for attacks, which Elastic Defend successfully blocked.
GateNews14h fa
