ChainCatcher reports that, according to Cointelegraph, the U.S. cybersecurity firm Mandiant, a subsidiary of Google Cloud, has discovered that North Korea-linked threat groups are increasing social engineering attacks targeting cryptocurrency and fintech companies.
The threat group (codenamed UNC1069) has deployed seven malicious software suites, including the newly discovered SILENCELIFT, DEEPBREATH, and CHROMEPUSH, aimed at obtaining sensitive data and stealing digital assets. The attackers exploit compromised Telegram accounts and use AI-generated deepfake videos to lure victims into fake Zoom meetings. Mandiant has been tracking this group since 2018, but advances in AI have helped the group expand its malicious activities since November 2025. In one intrusion, the attackers used Telegram accounts stolen from cryptocurrency founders to initiate contact and employed a so-called ClickFix attack to trick victims into executing “troubleshooting” commands containing hidden instructions.