DPRK
Coverage of DPRK in the Nexus archive.
- Chainalysis, South Korean police link up to fight crypto crime
Chainalysis and South Korean police have partnered to combat crypto-related crimes, including state-level threats from DPRK and scams targeting retail investors.
- Thorchain "exploit" timeline
Thorchain has been hacked six times in five years, resulting in significant financial losses and compromised security. The hacks have occurred through different layers of the architecture, including smart contract bugs, validator software vulnerabilities, and social engineering attacks. The total loss or trapped funds amount to approximately $227 million.
- Drift outlines a recovery plan for users after $295 million DPRK-linked exploit
Drift has outlined a recovery plan for its users after a $295 million exploit linked to DPRK. The plan aims to help users recover from the significant financial loss. The incident highlights the increasing threat of cyber attacks
- Ripple to Share North Korean Threat Intelligence With Crypto Industry
Ripple will share North Korean threat intelligence with the crypto industry following two major exploits of DeFi protocols Drift and KelpDAO in April. The DPRK hackers are shifting to social engineering tactics. This move aims to enhance security measures within the crypto industry.
- New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers discovered a malicious npm package, '@validate-sdk/v2', used in attacks attributed to the DPRK. The package, falsely presented as a legitimate SDK, was linked to Anthropic's Claude Opus LLM and employs AI-inserted malware, fake firms, and RATs for cyber operations.
- DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'
A compromised developer's repository is being used to propagate fake job scams linked to the DPRK, spreading remote access Trojans (RATs) and other malware through a worm-like infection vector. The attack method leverages malicious software to compromise systems and steal data.
- North Korea tied to heists worth $578M in April after Kelp DAO exploit
North Korea was linked to over $578 million in cryptocurrency theft in April following the Kelp DAO exploit. Attacks attributed to DPRK-linked actors expanded across blockchain protocols, companies, and individual users.
- Ethereum Foundation-funded program exposes 100 DPRK workers in crypto
The Ethereum Foundation-funded Ketman Project identified 100 North Korean IT workers involved in cryptocurrency and alerted approximately 53 projects employing DPRK operatives. The initiative aims to expose and mitigate security risks posed by North Korean cyber activities in the crypto space.
- Ethereum Foundation Helps Expose North Korean Workers That Infiltrated Crypto Firms
The Ethereum Foundation conducted a six-month program that identified approximately 100 North Korean IT workers infiltrating 53 cryptocurrency projects. The initiative aimed to counter cyber threats linked to the Democratic People's Republic of Korea (DPRK).
- Tornado Cash Co-Founders Accused of Helping Cybercriminals Launder Stolen Crypto
Two co-founders of Tornado Cash, a cryptocurrency mixing service, face federal charges for allegedly helping cybercriminals launder stolen crypto. They are accused of conspiring with DPRK-sponsored actors, violating U.S. sanctions, and operating an unlicensed money transmitting business.