North Korean hackers contain sophisticated code exploits in smart contracts
According to Google's threat intelligence team, North Korean hackers have adopted a deployment method designed to execute malicious code on public blockchain networks.
The 2023 method The 2023 method, according to Google, is used in conjunction with fake engineering techniques to reach victims in cheap websites or links.
Hackers control the JavaScript address in an installed script to withdraw money and data once the user has been informed of a fake site, containing a modified trick package.
The typical website uses the “read-only” function that creates the transaction on the board, using the “read-only” function to create the transaction from the “read” and avoid increasing the transaction fees.
The report highlights the importance of being proactive in the Crypto community to prevent users from working with individuals and private organizations through scams and the dangers associated with hackers attempting to delete valuable funds and valuable information.
Related: – CZ Google account by <መንግስት በተደገፈ> Hackers donated
Know the signs: North Korea's social engineering campaign
In order to allow threat actors to increase arement and Cryptocurecurnure pools with software offers with fake employment offers, they set up application agents and profiles, such as Google.
After the start, the attackers use platforms such as text or telegram, or communications such as television, or make the victim's work complete.
“The core of the attack occurs during the technical evaluation phase,” said Google's “intelligence stages.” In this phase, the victim is told to download malicious code from online code repositories such as GitHub, where malicious payloads are typically stored.
In other cases, the attackers trick the victim into a video call so that a fake error message is displayed to the user, prompting them to download a patch to fix the error. This software package also contains malicious code.
Once the malicious software is installed on the machine, a secondary JavaScript-based malicious code is installed and “JUDD” is deployed to steal sensitive information.
The third level is sometimes deployed to the attacker's targets, allowing long-term access to the attacker's network and other systems associated with the network. Google warned.
Magazine: Cyppto airport theft from real users in 30,000 phone bot farm
