Links
Upbit, a South Korean crypto exchange, lost $30 million due to a security breach that exposed a vulnerability related to private keys. The company's CEO acknowledged the failure in security management and stated that the North Korean Lazarus Group is suspected to be behind the attack.
Five individuals, four Americans and one Ukrainian, admitted to facilitating North Korea's revenue schemes by using stolen identities to help DPRK agents secure remote jobs with U.S. companies. Their actions impacted 136 firms and generated over $2.2 million for the North Korean regime. The DOJ is also pursuing the seizure of $15 million in cryptocurrency linked to these cyber crimes.
Slow Pisces, a North Korean state-sponsored threat group, stole over $1 billion from the cryptocurrency sector in 2023 by targeting developers through disguised job offers on LinkedIn. The group uses malware hidden within coding challenges and has been linked to significant thefts from cryptocurrency companies, prompting GitHub and LinkedIn to remove malicious accounts. The malware employs advanced techniques like YAML deserialization to evade detection and execute additional payloads.
Nearly 28% of the $1.4 billion stolen from Bybit has become untraceable, according to CEO Ben Zhou. The funds have been funneled through mixers and decentralized platforms, complicating recovery efforts. Zhou urged bounty hunters to assist in freezing stolen assets, with some success reported.
North Korea has expressed interest in accepting cryptocurrency as a form of payment for its applicants, including those looking to work in India. This move is part of a broader strategy to enhance its economic engagement through digital currencies, despite the country's ongoing international sanctions.
North Korean threat actor UNC5342 has begun using a technique called EtherHiding to deliver malware and steal cryptocurrency, marking a significant evolution in nation-state cyber threats. This method involves embedding malicious JavaScript within smart contracts on public blockchains, allowing attackers to retrieve payloads stealthily and without leaving a trace. The ongoing social engineering campaign targets developers with fake job offers to facilitate these attacks.
North Korea is reportedly targeting cryptocurrency job seekers to distribute malware designed to steal passwords. These cyber operations aim to exploit the growing interest in crypto jobs, leveraging social engineering tactics to infect potential candidates' devices. The initiative reflects North Korea's ongoing efforts to fund its regime through cybercrime activities.
The U.S. government has seized approximately $774 million in cryptocurrency linked to North Korean cybercriminal activities. This operation is part of ongoing efforts to disrupt the funding of illicit activities supported by the North Korean regime, particularly through hacking and ransomware schemes.