Skip to content
  • July 12, 2026
Online Cash Shop Online Cash Shop

Your One Stop Shop For Online Cash

×
Online Cash Shop Online Cash Shop

Your One Stop Shop For Online Cash

  • Home
  • Online Marketing
    • Content Marketing
      • Blogging
      • Video Marketing
      • SEO
    • Affiliate Marketing
    • Social Media
    • E-commerce
    • Email Marketing
  • Freelancing
  • Forex and Crypto
  • Videos
  • Op-Ed
  • Giveaways
    • Free Membership
    • Free Udimi Solo Ads Giveaway
  • Products
  • Money Matchmaker
  • Home
  • Forex and Crypto
  • Crypto
  • Unmasking the Digital Threat: Inside North Korea’s Cryptomining Malware Hidden in Plain Sight
Crypto February 11, 2026 0 Comments

Unmasking the Digital Threat: Inside North Korea’s Cryptomining Malware Hidden in Plain Sight

Unmasking the Digital Threat: Inside North Korea’s Cryptomining Malware Hidden in Plain Sight

Ever wonder how far cyber mischief can stretch when fueled by some seriously crafty social engineering and sneaky malware? Well, North Korea-linked threat actors have certainly taken the art of digital skulduggery up a few notches—targeting cryptocurrency and fintech companies with an arsenal of new malware designed to snatch sensitive data and pilfer digital treasures. These aren’t your run-of-the-mill hackers; think seven distinct malware families, AI-generated deepfake Zoom calls, and compromised Telegram accounts all working in concert to pull off scams that are as sophisticated as they are unsettling. It’s like staring into a sci-fi thriller where the villains just leveled up, and the battleground is right in your crypto wallet. Curious to dive deeper into UNC1069’s latest moves and just how this digital double-cross unfolds? LEARN MORE.

North Korea-linked threat actors are escalating social engineering campaigns targeting cryptocurrency and fintech companies, deploying new malware designed to harvest sensitive data and steal digital assets.

In a recent campaign, a threat cluster tracked as UNC1069 deployed seven malware families aimed at capturing and exfiltrating victim data, according to a Tuesday report from Mandiant, a US cybersecurity firm that operates under Google Cloud.

The campaign relied on social engineering schemes involving compromised Telegram accounts and fake Zoom meetings with deepfake videos generated through artificial intelligence tools.

“This investigation revealed a tailored intrusion resulting in the deployment of seven unique malware families, including a new set of tooling designed to capture host and victim data: SILENCELIFT, DEEPBREATH and CHROMEPUSH,” the report states.

Threat actor UNC1069, attack chain. Source: Mandiant/Google Cloud

Related: CZ sounds alarm as ‘SEAL’ team uncovers 60 fake IT workers linked to North Korea

Mandiant said the activity represents an expansion of the group’s operations, primarily targeting crypto firms, software developers and venture capital companies.

The malware included two newly discovered, sophisticated data-mining viruses, named CHROMEPUSH and DEEPBREATH, which are designed to bypass key operating system components and gain access to personal data.

The threat actor with “suspected” North Korean ties has been tracked by Mandiant since 2018, but AI advancements helped the malicious actor scale up its operations and include “AI-enabled lures in active operations” for the first time in November 2025, according to a report at the time from the Google Threat Intelligence Group.

Cointelegraph contacted Mandiant for additional details regarding the attribution, but had not received a response by publication.

Related: Balancer hack shows signs of months-long planning by skilled attacker

Attackers are stealing crypto founder accounts to launch ClickFix attacks

In one intrusion outlined by Mandiant, attackers used a compromised Telegram account belonging to a crypto founder to initiate contact. The victim was invited to a Zoom meeting featuring a fabricated video feed in which the attacker claimed to be experiencing audio problems.

The attacker then directed the user to run troubleshooting commands in their system to fix the purported audio issue in a scam known as a ClickFix attack.

The provided troubleshooting commands had embedded a hidden single command that initiated the infection chain, according to Mandiant.

UNC1069 victimology map. Source: Mandiant/Google Cloud

North Korea-linked illicit actors have been a persistent threat to both crypto investors and Web3-native companies.

In June 2025, four North Korean operatives infiltrated multiple crypto firms as freelance developers, stealing a cumulative $900,000 from these startups, Cointelegraph reported.

Earlier that year, the Lazarus Group was linked to the $1.4 billion hack of Bybit, one of the largest crypto thefts on record.

Magazine: Coinbase hack shows the law probably won’t protect you — Here’s why

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy
Previous post

How Vitalik Buterin’s Vision Could Redefine the Future of AI and Blockchain Forever

Next post

Revolutionary Ecommerce Tools Unveiled: The Future of Online Shopping Starts February 11, 2026

Related Posts

Cambridge Study Reveals Shocking Truth About Ethereum's PoS Energy Use—Is It Too Good to Be True?
Online Cash Shop 0

Cambridge Study Reveals Shocking Truth About Ethereum’s PoS Energy Use—Is It Too Good to Be True?

July 12, 2026
Bitcoin Titans Saylor and Back Unite to Challenge Controversial BIP-110 Ordinals Proposal—What’s at Stake?
Online Cash Shop 0

Bitcoin Titans Saylor and Back Unite to Challenge Controversial BIP-110 Ordinals Proposal—What’s at Stake?

July 12, 2026
Is Bitcoin on the Brink of a Major Breakout? Jamie Coutts Reveals What’s Next.
Online Cash Shop 0

Is Bitcoin on the Brink of a Major Breakout? Jamie Coutts Reveals What’s Next.

July 11, 2026

Join Our Newsletter! Play To Win And Grab Your Freebie Below!

    Meet Irving. He cracked the code to Online Success. How'd he do it? CLICK TO LEARN MORE!

    The Money Is In The List

    List Building Program

    You May Have Missed

    Cambridge Study Reveals Shocking Truth About Ethereum's PoS Energy Use—Is It Too Good to Be True?
    Crypto

    Cambridge Study Reveals Shocking Truth About Ethereum’s PoS Energy Use—Is It Too Good to Be True?

    July 12, 2026 Online Cash Shop
    Bitcoin Titans Saylor and Back Unite to Challenge Controversial BIP-110 Ordinals Proposal—What’s at Stake?
    Crypto

    Bitcoin Titans Saylor and Back Unite to Challenge Controversial BIP-110 Ordinals Proposal—What’s at Stake?

    July 12, 2026 Online Cash Shop
    A Perfect Product Isn't a Pitch #shorts
    Online Marketing VIDEOS

    A Perfect Product Isn’t a Pitch #shorts

    July 11, 2026 Online Cash Shop
    Is Bitcoin on the Brink of a Major Breakout? Jamie Coutts Reveals What’s Next.
    Crypto

    Is Bitcoin on the Brink of a Major Breakout? Jamie Coutts Reveals What’s Next.

    July 11, 2026 Online Cash Shop
    Unmasking the Chaos: Why AI Visibility Rankings Might Be Deceptively Unreliable
    SEO

    Unmasking the Chaos: Why AI Visibility Rankings Might Be Deceptively Unreliable

    July 11, 2026 Online Cash Shop
    Unlock the Secret: How Watching Movies Could Earn You $5,000 a Month!
    Affiliate Marketing Freelancing

    Unlock the Secret: How Watching Movies Could Earn You $5,000 a Month!

    July 11, 2026 Online Cash Shop
    Robinhood’s AI Agent to Revolutionize Crypto Trading—Are You Ready for the Future?
    Crypto

    Robinhood’s AI Agent to Revolutionize Crypto Trading—Are You Ready for the Future?

    July 11, 2026 Online Cash Shop
    Google Warns: Canonical Re-Evaluation Could Leave Your SEO in Limbo for Up to Two Weeks
    SEO

    Google Warns: Canonical Re-Evaluation Could Leave Your SEO in Limbo for Up to Two Weeks

    July 10, 2026 Online Cash Shop
    WordPress 7.0.1 Unveils 31 Hidden Bug Fixes That Could Change Your Site Forever
    SEO

    WordPress 7.0.1 Unveils 31 Hidden Bug Fixes That Could Change Your Site Forever

    July 10, 2026 Online Cash Shop
    Unlock the Secret Strategy Behind YouTube Ads That Skyrocket Video Views Overnight
    Video Marketing

    Unlock the Secret Strategy Behind YouTube Ads That Skyrocket Video Views Overnight

    July 10, 2026 Online Cash Shop
    • Home
    • About
    • Contact
    • DMCA
    • Disclaimer
    Review Your Cart
    0
    Discount
    Add Coupon Code
    Subtotal
    Total Installments (before discounts)
    Bundle Discount
    Checkout
    0

    Notifications

    Terms and Conditions - Privacy Policy