North Korean hackers, identified as threat group UNC1069, are escalating their attacks on cryptocurrency and fintech companies using advanced AI-driven social engineering tactics. According to Mandiant, a Google Cloud cybersecurity firm, the group has deployed seven malware suites, including SILENCELIFT, DEEPBREATH, and CHROMEPUSH, to steal sensitive data and digital assets.
The attackers are leveraging compromised Telegram accounts and AI-generated deepfake videos to conduct fraudulent Zoom meetings. Since November 2025, advancements in artificial intelligence have enabled the group to expand its operations. In one notable incident, the hackers used a stolen Telegram account of a cryptocurrency founder to execute a ClickFix attack, tricking victims into running malicious commands under the guise of troubleshooting.
North Korean Hackers Intensify AI-Driven Attacks on Crypto Firms
