According to Fox News, North Korean hackers are deploying a new Python-based malware, PylangGhost, by disguising it within fake job applications for major crypto firms like Coinbase, Robinhood, and Uniswap. Researchers at Cisco Talos report this social engineering campaign aims to steal private keys and wallet data from over 80 browser extensions, including MetaMask and Phantom, giving attackers full remote control of infected Windows and Mac systems. This threat comes as a TRM Labs report reveals a record $2.1 billion was stolen in the first half of 2025, with North Korean groups allegedly responsible for $1.6 billion. The data indicates a significant strategic shift in attack vectors, with over 80% of stolen funds now coming from infrastructure-level breaches like private key theft, which are ten times more lucrative than the once-prevalent DeFi smart contract exploits. For traders, this highlights a critical and evolving security risk to personal and exchange-held assets, contributing to negative market sentiment as seen in the recent downturns of major assets like Ethereum (ETH) and Chainlink (LINK).

According to @zachxbt, a North Korean hacking group known as Famous Chollima is actively targeting cryptocurrency professionals with a new Python-based malware called PylangGhost. The attack, detailed by Cisco Talos researchers, uses sophisticated fake career sites impersonating top firms like Coinbase and Uniswap to lure targets into a fraudulent job application process. This process tricks users into running a command that installs the malware, which is designed to steal credentials and wallet data from over 80 browser extensions, including MetaMask and Phantom. This poses a significant direct risk to traders' assets. Compounding the security threat, a TRM Labs report reveals that the first half of 2025 was the worst on record for crypto security, with over $2.1 billion lost to hacks. North Korean-linked groups are reportedly responsible for $1.6 billion of this total, largely due to the historic $1.5 billion Bybit hack. The report also highlights a strategic shift in attack vectors, with 80% of stolen funds coming from infrastructure-level breaches like private key theft, which are proving far more lucrative than smart contract exploits. Despite these severe security threats, market data shows Ethereum (ETH) trading resiliently around $2,600, up over 6% in the past 24 hours.

According to @zachxbt, North Korean hackers are deploying a new Python-based malware called PylangGhost, disguised in fake job applications from major crypto firms like Coinbase and Uniswap to steal wallet credentials. A report from Cisco Talos details that the malware targets crypto professionals on Windows systems, aiming to compromise wallets such as MetaMask and Phantom. This activity is part of a larger, alarming trend highlighted by a TRM Labs report, which found that a record $2.1 billion was stolen from crypto platforms in the first half of 2025. North Korean-linked groups are reportedly responsible for $1.6 billion of these losses, primarily due to the historic $1.5 billion Bybit hack. The analysis indicates a strategic shift in attack vectors, with over 80% of stolen funds coming from infrastructure-level breaches like private key theft, which are proving far more profitable than DeFi exploits. Despite these significant security threats, market data shows resilience, with Ethereum (ETH) trading around $2,599.45, up over 6.3% in 24 hours, and Chainlink (LINK) at $13.81, up over 5.8%.