2024-05
South Korean police investigated suspected North Korean hacking of personal email accounts belonging to senior Ministry of National Defense officials and military officers, including vice-minister-level officials and generals. Reporting said the incident …
🇰🇷 Korea, Republic of
#Espionage
#Defense
2024-05
AlexLab experienced a $4.3 million exploit due to a compromised private key, impacting their XLink bridge on the BNB network. The attacker used phishing to gain control of the vault keys, allowing them to drain 13.7 million STX, with 3 million STX sent to…
🇸🇬 Singapore
#Cryptocurrency
#FinancialGain
2024-04
Rain disclosed and contained a cryptocurrency exchange security incident after reporting indicated the Bahrain-headquartered platform lost crypto assets in a confirmed exploit, while Rain stated customer fiat and crypto assets remained fully accounted for…
🇧🇸 Bahamas
#Cryptocurrency
#FinancialGain
2024-04
By April 2024, South Korean police and partner agencies reported broad North Korea-linked intrusions against domestic defense contractors and less-secure partner companies, attributed to groups including Lazarus, Andariel, and Kimsuky. The attackers sough…
🇰🇷 Korea, Republic of
#Espionage
#Defense
2024-04
Avast reported that GuptiMiner hijacked the eScan antivirus update mechanism to distribute backdoors and coinminers, turning trusted security software updates into a supply-chain delivery path. The campaign included a multi-modular backdoor capable of rec…
🇮🇳 India
#SupplyChain
#Technology
2024-03
Solareum, a Telegram trading bot, shut down days after a security breach involving wallet drainers that reportedly affected more than 300 Solana users and resulted in the loss of more than 2,800 SOL. Linked forfeiture evidence also describes a USDT seizur…
🇦🇪 United Arab Emirates
#Cryptocurrency
#FinancialGain
2024-03
Munchables suffered a Blast-chain exploit in which linked analysis describes contract manipulation, including a backdoor implementation contract that was later replaced with normal logic to obscure the attacker’s tracks. Reporting discussed possible DPRK …
🇺🇸 United States
#Cryptocurrency
#Suspicious
#FinancialGain
2024-03
Kimsuky distributed malware disguised as installation files for South Korean public institutions, using a dropper signed with a valid domestic company certificate to unpack and execute the Endoor backdoor. The linked evidence connects the activity to Kims…
🇰🇷 Korea, Republic of
#SupplyChain
#Technology
2024-01
Kimsuky used trojanized security or software installers masquerading as legitimate Korean software packages, including TrustPKI and NX_PRNMAN, to deploy Troll Stealer/TrollAgent and related backdoor malware. The installers executed normal setup files as d…
🇰🇷 Korea, Republic of
#SupplyChain
#Technology
2024-01
Hector Network suffered a smart-contract exploit involving the centralized AddEligibleWallet function, which allowed a designated address to be treated as eligible and interact with funds intended for investor compensation. Linked analysis described the i…
Unknown
#Cryptocurrency
#FinancialGain
2024-01
Following a security breach on January 27, 2024, in which approximately 730 million SSX tokens were stolen from the SOMESING Foundation, the team promptly notified exchanges to halt deposits and withdrawals and worked with them to freeze the hacker’s acco…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain
2024-01
Concentric.Fi was compromised after a targeted social-engineering attack against a team member led to malware installation and exposure of the deployer wallet's private keys. The attacker used the resulting ownership access to upgrade Cone pool contracts …
Unknown
#Cryptocurrency
#FinancialGain
2023-12
Orbit Bridge reported an exploit of its Ethereum vault in which an unidentified attacker conducted six theft transactions affecting ETH, WBTC, USDT, USDC, and DAI with losses estimated at about $81.5 million. Orbit Chain said it worked with the Korean Nat…
🇰🇷 Korea, Republic of
#Cryptocurrency
#FinancialGain
2023-12
In December 2023, OKX's decentralized exchange (DEX) aggregator lost $2.7 million due to a private key compromise. Attackers upgraded a deprecated proxy contract and used it to siphon funds from users who had previously approved the contract. Despite comm…
🇸🇨 Seychelles
#Cryptocurrency
#FinancialGain
2023-11
HTX was reported together with the HECO Bridge incident as a November 2023 compromise affecting a centralized exchange and bridge environment, with linked analysis describing the attack style as consistent with DPRK Lazarus Group activity. Subsequent repo…
🇸🇨 Seychelles
#Cryptocurrency
#FinancialGain