Kripto Al Piyasalar Spot Vadeli İşlemler500X Birikim Etkinlikler

Daha Fazla

ELIZAOS Etkinliği2000g

PANews reported on December 5th that, according to Hackread.com, cybersecurity firm Hudson Rock discovered an infected device while analyzing logs from the LummaC2 information-stealing malware. The operator is suspected to be a malware developer within a North Korean state-sponsored hacking group. This device was previously used to build the infrastructure that supported the $1.4 billion theft from the cryptocurrency exchange Bybit in February 2025. Analysis revealed that the credentials found on the device were linked to domains registered before the attack and used to impersonate Bybit. The device itself was high-end, equipped with development tools such as Visual Studio and Enigma Protector, as well as communication and data storage applications like Astrill VPN, Slack, and Telegram. Its activity also indicated that the attackers purchased the domains and prepared fake Zoom installers to carry out phishing attacks. This discovery provides rare insights into the internal workings of asset sharing within North Korean-backed hacking operations.PANews reported on December 5th that, according to Hackread.com, cybersecurity firm Hudson Rock discovered an infected device while analyzing logs from the LummaC2 information-stealing malware. The operator is suspected to be a malware developer within a North Korean state-sponsored hacking group. This device was previously used to build the infrastructure that supported the $1.4 billion theft from the cryptocurrency exchange Bybit in February 2025. Analysis revealed that the credentials found on the device were linked to domains registered before the attack and used to impersonate Bybit. The device itself was high-end, equipped with development tools such as Visual Studio and Enigma Protector, as well as communication and data storage applications like Astrill VPN, Slack, and Telegram. Its activity also indicated that the attackers purchased the domains and prepared fake Zoom installers to carry out phishing attacks. This discovery provides rare insights into the internal workings of asset sharing within North Korean-backed hacking operations.

Security firm: LummaC2 virus infected North Korean hacking devices linked to the Bybit theft.

Yazar: PANews

2025/12/05 22:50

Paylaş

Analysis revealed that the credentials found on the device were linked to domains registered before the attack and used to impersonate Bybit. The device itself was high-end, equipped with development tools such as Visual Studio and Enigma Protector, as well as communication and data storage applications like Astrill VPN, Slack, and Telegram. Its activity also indicated that the attackers purchased the domains and prepared fake Zoom installers to carry out phishing attacks. This discovery provides rare insights into the internal workings of asset sharing within North Korean-backed hacking operations.

Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen service@support.mexc.com ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.