• About Us
  • Careers
  • Contact
No Result
View All Result
Tuesday, August 5, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result
Home News Crime

North Korean Hackers Infiltrate Crypto Firms Using Fake Job Scams, Steal Millions in Digital Assets

5 August 2025
in Crime
Reading Time: 3 mins read
100 8
North Korean Hackers Infiltrate Crypto Firms Using Fake Job Scams, Steal Millions in Digital Assets

Source: IEEE Spectrum

North Korean threat actors are ramping up a sophisticated campaign of cyber theft targeting the cryptocurrency industry, using fake identities and remote job scams to infiltrate firms and siphon off millions of dollars in digital assets.

Cybersecurity researchers at Google Cloud and cloud security firm Wiz have both issued separate but aligned reports warning about the activities of UNC4899—also known as TraderTraitor—an advanced persistent threat group linked to North Korea’s military intelligence agency, the Reconnaissance General Bureau.

According to Google Cloud’s latest H2 2025 Cloud Threat Horizons Report, UNC4899 has been actively targeting the blockchain and cryptocurrency sectors since at least 2020, deploying highly refined social engineering tactics and exploiting cloud-specific vulnerabilities to breach organizations.

Google cloud report
Google cloud report – Source: Google cloud

In two detailed incidents highlighted by Google, UNC4899 attackers posed as freelance recruiters on platforms like LinkedIn and Telegram. After establishing contact with employees, they convinced victims to run malicious Docker containers on their machines. These containers installed backdoors that gave the hackers access to internal systems.

Once inside, the attackers moved quickly—harvesting credentials, disabling multi-factor authentication (MFA), and identifying infrastructure connected to crypto wallets. In one case, after stealing millions in crypto assets via a compromised Google Cloud account, the attackers even re-enabled MFA to delay detection.

Wiz’s independent analysis corroborates Google’s findings, noting that UNC4899—also known under aliases like Jade Sleet, Slow Pisces, and TraderTraitor—shares overlapping techniques with other North Korean hacking groups such as Lazarus Group, BlueNoroff, and APT38.

The group reportedly shifted focus in 2023 toward using fake job offers as a primary vector of attack, specifically targeting employees at crypto exchanges and blockchain startups. Among their most devastating breaches are the $305 million heist from Japan’s DMM Bitcoin and the massive $1.5 billion Bybit attack in late 2024.

While exact figures vary, both Google and Wiz estimate UNC4899 alone has stolen tens of millions of dollars across multiple incidents. Chainalysis data shows North Korean-linked hackers looted $1.34 billion in crypto during 2024, while Wiz believes the figure has risen to $1.6 billion as of mid-2025.

 

If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.

“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Tags: Google cloudNorth Korea
Share63Tweet39Share11
Favour Okosodo

Favour Okosodo

Experienced web content writer with a strong command of SEO, specializing in creating concise, engaging content that drives traffic and enhances conversions across diverse industries.

Related Posts

Bitsonic CEO Gets Sentence Extension for Fraud Involving Exchange Token BSC
Crime

Bitsonic CEO Gets Sentence Extension for Fraud Involving Exchange Token BSC

5 August 2025
Crypto Hacks Surge to $142M in July, CoinDCX Suffers Largest Breach
Crime

Crypto Hacks Surge to $142M in July, CoinDCX Suffers Largest Breach

1 August 2025
source: 99bitcoins.com
Crime

CoinDCX Employee Arrested Following $44 Million Crypto Heist Linked to Social Engineering Attack

31 July 2025
source: dexerto.com
Crime

FaZe Clan CEO Steps Down Amid $200M MLG Crypto Scandal, Denies Wrongdoing as Fallout Roils Esports Community

30 July 2025

Featured Posts

Web3 in 2025: Where We Are, What’s Next, and What the Data Says

Web3 in 2025: Where We Are, What’s Next, and What the Data Says

byOlayinka Sodiq
21 July 2025
0

Which Pays Better Right Now: DeFi’s High-Yield Pairs or Traditional Finance’s Cash Vehicles?

Which Pays Better Right Now: DeFi’s High-Yield Pairs or Traditional Finance’s Cash Vehicles?

byOlayinka Sodiq
6 July 2025
0

The Future of Crypto Could Be Institutional—And That’s Not a Bad Thing

The Future of Crypto Could Be Institutional—And That’s Not a Bad Thing

byOlajumoke Oyaleke
30 June 2025
0

What Is a Rebase Token and How Does It Work?

What Is a Rebase Token and How Does It Work?

byOlajumoke Oyaleke
28 June 2025
0

Smart Contracts on Ethereum, Solana, vs. Other Blockchains

Smart Contracts on Ethereum, Solana, vs. Other Blockchains

byOlajumoke Oyaleke
26 June 2025
0

Read More

Chain of Thoughts

What Happens When AI Gets a Wallet?

What Happens When AI Gets a Wallet?

byOlu Omoyele
31 July 2025
0

...

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

byOlu Omoyele
30 June 2025
0

...

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

DAOs and the Coordination of Human Endeavour

DAOs and The Coordination of Human Endeavour

byOlu Omoyele
27 April 2025
0

...

Markets Update

US Ether ETFs Turn One: What $16.6B in Assets and Bullish Inflows Signal for the Future

2 days ago

Is ETH Restaking Driving Efficiency or Introducing a Dangerous Complexity?

3 days ago

Your Weekend Crypto Roundup | August 2025 (Week 1)

4 days ago

Meta’s $72 Billion AI Investment: A Strategic Shift from the Metaverse to Artificial Intelligence

5 days ago

Is Web3 Finally Solving Its Risk Problem? A Market Review of DeFi Insurance Models

6 days ago

How Coinshift Is Progressing the Stablecoin Space

6 days ago
Read More

Events

Rare Evo 2025
Rare Evo 2025
6 Aug 25
Las Vegas
CBDC Conference
CBDC Conference
9 Sep 25
Nassau

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releases

Cango Inc. Announces July 2025 Bitcoin Production and Mining Operations Update

bychainwire
5 August 2025
0

Bybit Expands USDT0 Support to HyperEVM, Corn, and Berachain — Unlocking Seamless Stablecoin Access Across Ecosystems

bychainwire
4 August 2025
0

Apu Is Now Live for Trading on Hyperliquid

bychainwire
4 August 2025
0

Bybit’s Ben Zhou Invites Community to Rewrite Their Own Success in Mid-Year Keynote Livestream

bychainwire
4 August 2025
0

Josip Heit and Apertum Secure Legal Victory Over Texas Securities Board (TSSB), Fueling the Next Evolution in DeFi

Josip Heit and Apertum Secure Legal Victory Over Texas Securities Board (TSSB), Fueling the Next Evolution in DeFi

byGuest Author
1 August 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Please enter and activate your license key for Cryptocurrency Widgets PRO plugin for unrestricted and full access of all premium features.

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00