North Korean Hackers Target Crypto Firms with Job Application Malware as Thefts Hit Record $2.1 Billion in H1 2025 | Flash News Detail | Blockchain.News
Latest Update
7/2/2025 12:35:00 PM


According to @zachxbt, a North Korean hacking group known as Famous Chollima is actively targeting cryptocurrency professionals with a new Python-based malware called PylangGhost. The attack, detailed by Cisco Talos researchers, uses sophisticated fake career sites impersonating top firms like Coinbase and Uniswap to lure targets into a fraudulent job application process. This process tricks users into running a command that installs the malware, which is designed to steal credentials and wallet data from over 80 browser extensions, including MetaMask and Phantom. This poses a significant direct risk to traders' assets. Compounding the security threat, a TRM Labs report reveals that the first half of 2025 was the worst on record for crypto security, with over $2.1 billion lost to hacks. North Korean-linked groups are reportedly responsible for $1.6 billion of this total, largely due to the historic $1.5 billion Bybit hack. The report also highlights a strategic shift in attack vectors, with 80% of stolen funds coming from infrastructure-level breaches like private key theft, which are proving far more lucrative than smart contract exploits. Despite these severe security threats, market data shows Ethereum (ETH) trading resiliently around $2,600, up over 6% in the past 24 hours.


Analysis

Ethereum Rallies Past $2,600 Despite Record-Breaking Crypto Hacks


The cryptocurrency market is demonstrating remarkable resilience, with Ethereum (ETH) leading a significant rally, even as the industry grapples with unprecedented security threats. On-chain analyst ZachXBT highlighted recent findings from security researchers detailing sophisticated new attack vectors from state-sponsored actors. Despite a backdrop of over $2.1 billion stolen in the first half of 2025, ETH has surged over 6%, breaking past the critical $2,600 level. The ETH/USDT pair climbed to a 24-hour high of $2,615.26, while the ETH/USD pair touched $2,616.01. This bullish momentum suggests traders are currently prioritizing macroeconomic factors or network-specific catalysts over the persistent risk of large-scale thefts.



North Korea Deploys New Malware in Sophisticated Job Scams


A primary source of concern stems from a new campaign orchestrated by a North Korean-aligned hacking group known as Famous Chollima. According to a report from Cisco Talos, the group is targeting cryptocurrency professionals with a novel Python-based malware named PylangGhost. The attackers impersonate major crypto firms like Coinbase, Robinhood, and Uniswap, creating elaborate fake career portals to lure software engineers and other specialists. The attack unfolds during a staged "skill test," where applicants are tricked into running a command that stealthily installs a remote access trojan (RAT). This malware is designed to grant the attackers full control over the victim's machine, enabling them to steal sensitive data from over 80 browser extensions, including popular wallets like MetaMask, Phantom, and TronLink, as well as password managers like 1Password. The shift to a Python-based RAT indicates an effort to better target Windows systems, broadening the potential attack surface beyond the previously used Golang-based tools affecting Mac users.



Infrastructure Breaches Fuel Record $2.1B in Losses


The scale of the threat is staggering. A recent report from TRM Labs revealed that the first half of 2025 was the worst six-month period on record for crypto security, with total losses exceeding $2.1 billion. North Korean-linked entities are reportedly responsible for $1.6 billion, or 70%, of these stolen funds. The single largest incident, the $1.5 billion Bybit hack in February, has been attributed to North Korea and has skewed the average hack size to $30 million this year. Crucially, the attack vectors have evolved. Over 80% of the stolen funds came from infrastructure-level breaches, such as private key theft and front-end hijacks, which are proving far more lucrative than the smart contract exploits that dominated previous years. This trend underscores a critical risk for traders and investors, as the security of the exchanges and platforms they use is now the most significant vulnerability.



ETH and LINK Price Analysis: Navigating a Bullish but Risky Market


Despite the dire security landscape, the price action tells a different story. Ethereum has shown considerable strength, establishing support around the 24-hour low of $2,432. The immediate challenge for bulls is to solidify a foothold above the $2,600 mark and breach the daily high near $2,618, which now acts as a key short-term resistance level. A decisive break above this could signal further upside potential. The ETH/BTC pair also posted a strong gain of over 3.5% to reach 0.02358, indicating that Ethereum is currently outperforming Bitcoin and capturing a larger share of market momentum. This outperformance is often a bullish signal for the broader altcoin market. Indeed, Chainlink (LINK) has followed suit, with the LINK/USDT pair rising over 5.8% to $13.81. The trading volume for ETH/USDT, at over 545 ETH, suggests solid participation in the upward move. However, traders must remain cautious. The persistent threat of major hacks could inject sudden volatility into the market, and any failure to hold the $2,500 support level could see a rapid retest of the daily lows.

ZachXBT

@zachxbt

ZachXBT is a pseudonymous independent on-chain sleuth who is popular for revealing bad actors and scams in the crypto space.
