North Korean hackers using blockchain to hide malware

North Korean hacker groups have adopted innovative techniques to conceal malware using blockchain technology, complicating detection and mitigation efforts. This new method leverages the decentralized and immutable nature of blockchain to embed malicious code, making it harder for traditional cybersecurity tools to identify and remove threats. The attackers exploit blockchain's transparency and security features to mask their activities, posing significant challenges to defenders. This evolution in tactics highlights the increasing sophistication of cyber threats emanating from North Korea, emphasizing the need for advanced threat intelligence and adaptive defense mechanisms. Cybersecurity professionals must stay vigilant and update their strategies to counteract these emerging threats effectively. Understanding the intersection of blockchain technology and malware deployment is crucial for developing robust security frameworks. This article delves into the techniques employed by North Korean hackers, the implications for global cybersecurity, and recommended measures to enhance detection and response capabilities.

This Cyber News was published on therecord.media. Publication date: Thu, 16 Oct 2025 15:25:21 +0000


Cyber News related to North Korean hackers using blockchain to hide malware

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
2 years ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
North Korean IT worker scam is now a threat to all companies, cybersecurity experts say | The Record from Recorded Future News - Since disruptions began last year and law enforcement has publicly warned companies of the practice, DTEX’s Barnhart and others said they have seen some workers try to extort companies or hand off their access to more sophisticated North Korean ...
7 months ago Therecord.media
Exploring Blockchain's Revolutionary Impact on E-Commerce - The trend of choosing online shopping over traditional in-store visits is on the rise, with e-commerce transactions dominating the digital landscape. Blockchain technology emerges as a solution to bolster the security of online transactions. ...
2 years ago Cysecurity.news Inception
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
2 years ago Darkreading.com
U.S. DoJ Announces Nationwide Actions to Combat North Korean Remote IT Workers - The U.S. Department of Justice announced coordinated nationwide law enforcement actions on June 30, 2025, targeting North Korean remote information technology workers’ illicit revenue generation schemes that have defrauded American companies ...
5 months ago Cybersecuritynews.com
North Korean IT worker army expands operations in Europe - GTIG's report follows multiple warnings issued by the FBI regarding North Korea's massive army of IT workers sent abroad to generate revenue, who have tricked hundreds of companies in the United States and worldwide into hiring them over the years. ...
8 months ago Bleepingcomputer.com
Researchers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme - In a significant cybersecurity investigation, researchers have revealed an elaborate fraud scheme orchestrated by North Korean nationals who used stolen identities to secure remote IT positions at US-based companies and nonprofits. The operation ...
7 months ago Cybersecuritynews.com
North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit | The Record from Recorded Future News - TRM Labs has tracked previous thefts by North Korean actors and found a similar playbook, where the hackers use DeFi platforms to convert funds into Bitcoin before using mixers to obfuscate the source of the cryptocurrency. Last week, the FBI ...
9 months ago Therecord.media Lazarus Group
Integrating the Power of AI and Blockchain for Data Security and Transparency - In an ever-changing digital landscape, providing strong data security and transparency has become critical. This article explores the dynamic interaction of two transformational technologies: artificial intelligence and blockchain. Artificial ...
1 year ago Cysecurity.news
North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
1 year ago Infosecurity-magazine.com
AI and Blockchain Convergence: A Game Changer in the Digital Sector - AI and blockchain are two of the most revolutionary technologies of our time, and their combination will totally transform the tech sector. The two main axes around which blockchain is conceptualised are cryptocurrencies and the infrastructure ...
2 years ago Cysecurity.news
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
2 years ago Therecord.media Lazarus Group
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
2 years ago Bleepingcomputer.com Andariel Kimsuky
North Korean hackers use EtherHiding to hide malware on the blockchain - North Korean hackers have adopted a novel technique called EtherHiding to conceal malware within the Ethereum blockchain. This innovative method leverages the decentralized and immutable nature of blockchain technology to evade traditional detection ...
2 months ago Bleepingcomputer.com North Korean hackers
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
2 years ago Bleepingcomputer.com
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
2 years ago Bleepingcomputer.com Lazarus Group
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms - The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the ...
1 year ago Securityweek.com
North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
10 months ago Darkreading.com Andariel Kimsuky
North Korean Hackers Using EtherHiding to Evade Detection - North Korean hackers have adopted a sophisticated new technique called EtherHiding to evade cybersecurity defenses and conduct stealthy cyber espionage. This method leverages the Ethereum blockchain to conceal malicious activities, making detection ...
2 months ago Cybersecuritynews.com North Korean hackers
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
2 years ago Csoonline.com Andariel APT3 APT37 APT38 Kimsuky Lazarus Group BianLian
North Korean hackers linked to $1.5 billion ByBit crypto heist - Since the attack, crypto fraud investigator ZachXBT has discovered links between the Bybit hackers and the infamous North Korean Lazarus threat group after the attackers sent stolen Bybit funds to an Ethereum address previously ...
10 months ago Bleepingcomputer.com Lazarus Group