• bitcoinBitcoin (BTC) $ 70,522.00
  • ethereumEthereum (ETH) $ 2,061.68
  • tetherTether (USDT) $ 1.00
  • bnbBNB (BNB) $ 648.70
  • xrpXRP (XRP) $ 1.39
  • usd-coinUSDC (USDC) $ 0.999997
  • solanaSolana (SOL) $ 86.30
  • tronTRON (TRX) $ 0.289594
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.04
  • dogecoinDogecoin (DOGE) $ 0.093468
  • whitebitWhiteBIT Coin (WBT) $ 55.50
  • usdsUSDS (USDS) $ 0.999957
  • cardanoCardano (ADA) $ 0.264667
  • bitcoin-cashBitcoin Cash (BCH) $ 454.57
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • hyperliquidHyperliquid (HYPE) $ 36.14
  • leo-tokenLEO Token (LEO) $ 9.17
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • moneroMonero (XMR) $ 349.87
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • chainlinkChainlink (LINK) $ 9.08
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • ethena-usdeEthena USDe (USDE) $ 0.999719
  • canton-networkCanton (CC) $ 0.147698
  • stellarStellar (XLM) $ 0.160547
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • usd1-wlfiUSD1 (USD1) $ 0.999126
  • rainRain (RAIN) $ 0.009103
  • susdssUSDS (SUSDS) $ 1.08
  • daiDai (DAI) $ 1.00
  • litecoinLitecoin (LTC) $ 54.82
  • avalanche-2Avalanche (AVAX) $ 9.71
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • hedera-hashgraphHedera (HBAR) $ 0.095192
  • paypal-usdPayPal USD (PYUSD) $ 0.999817
  • suiSui (SUI) $ 0.978028
  • wethWETH (WETH) $ 2,268.37
  • zcashZcash (ZEC) $ 214.65
  • shiba-inuShiba Inu (SHIB) $ 0.000006
  • the-open-networkToncoin (TON) $ 1.32
  • usdt0USDT0 (USDT0) $ 0.998824
  • crypto-com-chainCronos (CRO) $ 0.075754
  • tether-goldTether Gold (XAUT) $ 5,147.95
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.102042
  • pax-goldPAX Gold (PAXG) $ 5,187.27
  • polkadotPolkadot (DOT) $ 1.54
  • memecoreMemeCore (M) $ 1.43
  • uniswapUniswap (UNI) $ 3.93
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • mantleMantle (MNT) $ 0.700601
  • pi-networkPi Network (PI) $ 0.233846
  • hashnote-usycCircle USYC (USYC) $ 1.12
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • okbOKB (OKB) $ 95.16
  • bittensorBittensor (TAO) $ 199.95
  • skySky (SKY) $ 0.076093
  • falcon-financeFalcon USD (USDF) $ 0.997351
  • aster-2Aster (ASTER) $ 0.698765
  • aaveAave (AAVE) $ 112.83
  • global-dollarGlobal Dollar (USDG) $ 1.00
  • nearNEAR Protocol (NEAR) $ 1.31
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • ripple-usdRipple USD (RLUSD) $ 1.00
  • bitget-tokenBitget Token (BGB) $ 2.18
  • internet-computerInternet Computer (ICP) $ 2.76
  • htx-daoHTX DAO (HTX) $ 0.000002
  • pepePepe (PEPE) $ 0.000003
  • bfusdBFUSD (BFUSD) $ 0.999201
  • ethereum-classicEthereum Classic (ETC) $ 8.38
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.12
  • ondo-financeOndo (ONDO) $ 0.259057
  • pump-funPump.fun (PUMP) $ 0.002049
  • gatechain-tokenGate (GT) $ 7.04
  • morphoMorpho (MORPHO) $ 1.98
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 11.02
  • kucoin-sharesKuCoin (KCS) $ 8.06
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • worldcoin-wldWorldcoin (WLD) $ 0.361617
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.097597
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.22
  • cosmosCosmos Hub (ATOM) $ 1.83
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • nexoNEXO (NEXO) $ 0.902831
  • ethenaEthena (ENA) $ 0.105949
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • midnight-3Midnight (NIGHT) $ 0.052988
  • usdtbUSDtb (USDTB) $ 1.00
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • kaspaKaspa (KAS) $ 0.030629
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • render-tokenRender (RENDER) $ 1.55
  • hash-2Provenance Blockchain (HASH) $ 0.013987
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • algorandAlgorand (ALGO) $ 0.086970
  • flare-networksFlare (FLR) $ 0.009020
  • wbnbWrapped BNB (WBNB) $ 759.61
  • aptosAptos (APT) $ 0.962956
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • ousgOUSG (OUSG) $ 114.55
  • usddUSDD (USDD) $ 1.00
  • filecoinFilecoin (FIL) $ 0.903619
  • official-trumpOfficial Trump (TRUMP) $ 2.95
  • xdce-crowd-saleXDC Network (XDC) $ 0.032300
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • vechainVeChain (VET) $ 0.007156
  • arbitrumArbitrum (ARB) $ 0.101982
  • beldexBeldex (BDX) $ 0.079892
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • yldsYLDS (YLDS) $ 0.999996
  • stable-2​​Stable (STABLE) $ 0.028533
  • jupiter-exchange-solanaJupiter (JUP) $ 0.167649
  • ghoGHO (GHO) $ 1.00
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.10
  • usual-usdUsual USD (USD0) $ 1.00
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • bonkBonk (BONK) $ 0.000006
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • decredDecred (DCR) $ 28.64
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • true-usdTrueUSD (TUSD) $ 0.999579
  • kite-2Kite (KITE) $ 0.272038
  • a7a5A7A5 (A7A5) $ 0.012387
  • clbtcclBTC (CLBTC) $ 76,920.00
  • blockstackStacks (STX) $ 0.258420
  • fasttokenFasttoken (FTN) $ 1.09
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.709320
  • justJUST (JST) $ 0.052148
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.38
  • euro-coinEURC (EURC) $ 1.16
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.007168
  • ether-fiEther.fi (ETHFI) $ 0.579387
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • tbtctBTC (TBTC) $ 70,942.00
  • sei-networkSei (SEI) $ 0.062926
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.03
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • layerzeroLayerZero (ZRO) $ 2.07
  • dashDash (DASH) $ 32.43
  • kinesis-goldKinesis Gold (KAU) $ 167.16
  • chilizChiliz (CHZ) $ 0.038473
  • tezosTezos (XTZ) $ 0.366405
  • c8ntinuumc8ntinuum (CTM) $ 0.087592
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.999903
  • siren-2Siren (SIREN) $ 0.507301
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • usxUSX (USX) $ 0.999757
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.161503
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • curve-dao-tokenCurve DAO (CRV) $ 0.243234
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • pippinpippin (PIPPIN) $ 0.349790
  • cocaCOCA (COCA) $ 1.30
  • gnosisGnosis (GNO) $ 127.41
  • apenftAINFT (NFT) $ 0.00000033
  • bittorrentBitTorrent (BTT) $ 0.00000033
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • adi-tokenADI (ADI) $ 3.35
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • kaiaKaia (KAIA) $ 0.055372
  • hastra-primePRIME (PRIME) $ 1.03
  • usdaiUSDai (USDAI) $ 1.00
  • aerodrome-financeAerodrome Finance (AERO) $ 0.342317
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • sun-tokenSun Token (SUN) $ 0.015977
  • bitcoin-svBitcoin SV (BSV) $ 15.38
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • celestiaCelestia (TIA) $ 0.340144
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • injective-protocolInjective (INJ) $ 2.99
  • riverRiver (RIVER) $ 15.05
  • flokiFLOKI (FLOKI) $ 0.000030
  • spx6900SPX6900 (SPX) $ 0.305152
  • jasmycoinJasmyCoin (JASMY) $ 0.005689
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • the-graphThe Graph (GRT) $ 0.025987
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • iotaIOTA (IOTA) $ 0.064211
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • fraxLegacy Frax Dollar (FRAX) $ 0.993117
  • story-2Story (IP) $ 0.779649
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • doublezeroDoubleZero (2Z) $ 0.077964
  • olympusOlympus (OHM) $ 17.28
  • pyth-networkPyth Network (PYTH) $ 0.046799
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • conflux-tokenConflux (CFX) $ 0.051730
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • crvusdcrvUSD (CRVUSD) $ 0.996754
  • syrupMaple Finance (SYRUP) $ 0.227273
  • btse-tokenBTSE Token (BTSE) $ 1.61
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • lighterLighter (LIT) $ 1.04
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,265.06
  • optimismOptimism (OP) $ 0.121486
  • lido-daoLido DAO (LDO) $ 0.298110
  • venice-tokenVenice Token (VVV) $ 5.64
  • lombard-protocolLombard (BARD) $ 1.11
  • staked-aaveStaked Aave (STKAAVE) $ 126.65
Bitcoin

North Korean Hackers Exploit Dev Device, Steal Millions in Crypto

By admin
0 4

North Korean Hackers Exploit Dev Device, Steal Millions in Crypto

A North Korean threat actor, UNC4899, launched a sophisticated attack on a cryptocurrency firm in 2025, stealing millions in digital assets. The hackers tricked a developer into downloading a seemingly legitimate archive as part of an open-source collaboration.

The developer transferred it to a corporate device using AirDrop. As a result, the embedded malicious Python code executed a binary masquerading as a Kubernetes command-line tool. This backdoor enabled attackers to pivot to the cloud, harvest credentials, and manipulate critical infrastructure.

Google Cloud described the attack as a mix of “social engineering, exploitation of personal-to-corporate device peer-to-peer data transfer mechanisms, workflows, and eventual pivot to the cloud to employ living-off-the-cloud (LOTC) techniques.”

Cloud Attackers Drain Crypto via Kubernetes

Once UNC4899 got inside the system, they explored the company’s Kubernetes setup and used stolen service account tokens to gain higher-level access. They even changed multi-factor authentication settings to make entry easier. The hackers then reached sensitive parts of the system that handled network controls and customer information, including cryptocurrency wallets.

Next, they grabbed database login details stored insecurely in the system, accessed the production database, and made changes to user accounts. This included resetting passwords and updating MFA codes for high-value accounts. In the end, the attackers were able to withdraw several million dollars in digital currency.

UNC4899 also targeted the company’s automated development processes to stay hidden in the cloud. They planted commands in Kubernetes deployments so that every time a new pod started, it automatically downloaded a backdoor.

Google suggests that companies keep cloud environments strictly separated, limit peer-to-peer file sharing, and watch for unusual activity in containers. Additionally, organizations should use phishing-resistant multi-factor authentication and strong secrets management to reduce the risk of a breach.

Broader North Korean Cyber Activity

Other North Korea-related groups, such as Konni, are using AI-generated malware with the help of PowerShell to target blockchain developers. These attackers send malicious Discord messages with malware that can steal money and data.

Reports show that over $16.5 million went to North Korean IT workers pretending to be legitimate freelancers in 2025 alone. This shows how risky hiring practices can be and highlights the need for stronger background checks and better cybersecurity awareness.

Source

admin 18917 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.