North Korean threat actor UNC5342 has begun using a technique called EtherHiding to deliver malware and steal cryptocurrency, marking a significant evolution in nation-state cyber threats. This method involves embedding malicious JavaScript within smart contracts on public blockchains, allowing attackers to retrieve payloads stealthily and without leaving a trace. The ongoing social engineering campaign targets developers with fake job offers to facilitate these attacks.