NK Hackers Use EtherHiding to Steal Cryptocurrency

North Korean hackers have been identified using sophisticated malware called EtherHiding to steal cryptocurrency from victims. This malware specifically targets Ethereum wallets by hiding malicious code within legitimate smart contracts, making detection challenging. The attack involves exploiting vulnerabilities in decentralized finance (DeFi) platforms and leveraging social engineering tactics to trick users into executing harmful transactions. The stolen funds are then laundered through various cryptocurrency mixers and exchanges to obscure the trail. This campaign highlights the increasing trend of state-sponsored cybercriminals focusing on digital assets as lucrative targets. Organizations and individuals involved in cryptocurrency trading and DeFi should enhance their security measures, including regular smart contract audits, multi-factor authentication, and user education on phishing threats. The emergence of EtherHiding underscores the evolving threat landscape in the crypto space and the need for continuous vigilance and advanced threat detection capabilities.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Fri, 17 Oct 2025 14:30:03 +0000


Cyber News related to NK Hackers Use EtherHiding to Steal Cryptocurrency

How Businesses Can Manage Cryptocurrency Fraud - With cryptocurrency payments on the rise, businesses must learn how to safeguard against potential risks. Businesses across the US are seeking innovative payment methods, with an estimated 75% of retailers looking to embrace cryptocurrency payment ...
1 year ago Cyberdefensemagazine.com
North Korean Hackers Use EtherHiding to Evade Detection in Cyber Espionage Campaign - North Korean hackers have adopted a sophisticated technique called EtherHiding to evade detection in their cyber espionage campaigns. This method allows them to conceal malicious activities within legitimate network traffic, making it harder for ...
2 months ago Thehackernews.com North Korean hackers
New Research Delves Into the World of Malicious Cryptocurrency Mining - As cryptocurrency prices have soared in recent years, malicious cryptocurrency miners have increasingly targeted vulnerable computer systems with malicious crypto-mining software in search of profits. In a new research paper, security researchers at ...
2 years ago Thehackernews.com
SharkStealer Using EtherHiding Pattern to Evade Detection - SharkStealer, a notorious information-stealing malware, has adopted a sophisticated evasion technique known as the EtherHiding pattern to avoid detection by security solutions. This advanced method allows the malware to conceal its network traffic ...
2 months ago Cybersecuritynews.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
2 years ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
North Korean Hackers Amass $3bn in Cryptocurrency Heists - North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future's Insikt Group. The revelation underscores the prolonged engagement of the regime in the cryptocurrency ...
2 years ago Infosecurity-magazine.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
1 year ago Bleepingcomputer.com
North Korean Hackers Using EtherHiding to Evade Detection - North Korean hackers have adopted a sophisticated new technique called EtherHiding to evade cybersecurity defenses and conduct stealthy cyber espionage. This method leverages the Ethereum blockchain to conceal malicious activities, making detection ...
2 months ago Cybersecuritynews.com North Korean hackers
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
2 years ago Bleepingcomputer.com
Chainalysis observes decrease in cryptocurrency crime in 2023 - While the ransomware market is rising and cybercriminals continue to rack up bitcoin payments, illicit cryptocurrency activity is declining, according to new research from Chainalysis. Funds sent to illicit cryptocurrency addresses dropped from $39.6 ...
1 year ago Techtarget.com Rocke
Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns - On January 3, 2024, Mandiant's X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. The following blog post provides additional insight into the drainer leveraged in this campaign, ...
1 year ago Mandiant.com
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report - North Korean threat actors are believed to have stolen more than $3 billion in cryptocurrency to date, according to a report from threat intelligence firm Recorded Future. Collectively tracked as the Lazarus Group, the North Korean hackers specialize ...
2 years ago Securityweek.com Lazarus Group
Scattered Spider member pleads guilty to identity theft, wire fraud charges | The Record from Recorded Future News - Urban, who goes by the alias "Sosa," “Elijah,” and “King Bob” was "part of a group of loosely organized individuals who engage in account takeovers and [stole] cryptocurrency from online exchanges" from August 2022 through ...
8 months ago Therecord.media Scattered Spider
US Treasury removes sanctions on Tornado Cash after appellate court loss | The Record from Recorded Future News - In November, the federal appeals court ruled that the executive branch’s authority to “block ‘property’ in which a foreign ‘national’ or ‘person’ has an ‘interest’” did not apply in the case of Tornado Cash because its immutable ...
9 months ago Therecord.media Lazarus Group
Hackers Stole Cryptocurrency Worth $2 Billion in Year 2023 - As per crypto security firms, this was the first time since 2020 that the trend has been declining. Based on dozens of cyberattacks and thefts this year, hackers stole over $2 billion in cryptocurrency, according to De.FI, the web3 security company ...
1 year ago Cysecurity.news Lazarus Group
North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled - It has been reported that North Korean hackers associated with the Lazarus Group have exploited Tornado Cash in a recent development to launder approximately $12 million worth of stolen Ethereum in the last 24 hours, using the coin mix-up service ...
1 year ago Cysecurity.news Lazarus Group
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data - A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital ...
1 year ago Thehackernews.com
FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist - Since the incident, crypto fraud investigator ZachXBT discovered multiple links to the infamous North Korean threat group after the attackers sent some of the stolen Bybit funds to an Ethereum address used in the Phemex, BingX, and Poloniex hacks ...
10 months ago Bleepingcomputer.com APT3 APT38 Lazarus Group
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
2 years ago Therecord.media Lazarus Group
Bitzlato Cryptocurrency Exchange Shut Down by Authorities for Cybercriminal Links - Bitzlato, a cryptocurrency exchange based in the UK, has been shut down by the authorities after accusations of links to cybercrime. The sudden closure of the exchange left investors and customers in shock and without their funds. ...
2 years ago Grahamcluley.com
New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users - Cybersecurity researchers have uncovered a campaign that tricks users by displaying trusted domain names in advertisements while redirecting victims to malicious cryptocurrency scam websites. This technique was previously reported by Bleeping ...
7 months ago Cybersecuritynews.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC interrupted gameplay for thousands of players. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Multichain Inferno Drainer Abuse Web3 Protocols - A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, 'Inferno Drainer', a well-known multichain cryptocurrency drainer, was operational under ...
1 year ago Gbhackers.com