Skip to main content
North Korean Malware Targets Ethereum & Binance Wallets: Details
Cybersecurity • Crypto • Threat Intel

North Korean Malware Targets Ethereum & Binance Wallets: Details

Published · ~4 min read
Cyber illustration showing malware streams targeting Ethereum and Binance wallets
Analysts flag a campaign abusing public blockchains to deliver wallet-stealing malware.

Security researchers report a North Korean–linked campaign embedding malicious code in public smart contracts to target Ethereum and BNB Chain wallets. The method reduces takedowns and evades traditional web filters.

How the attack works

The actors use “on-chain hosting”: payloads are stored in transactions or smart contracts. When victims connect a wallet, run injected scripts, or load a compromised dApp component, the malware pulls instructions from the chain and attempts to exfiltrate secrets (keys, seed phrases) or sign unauthorized transactions.

Who is behind it

The activity resembles prior North Korean operations targeting crypto firms and developers. Tactics include fake job offers, poisoned libraries, and supply-chain compromises aimed at wallets and build systems.

Why it matters

  • Persistence: Data stored on-chain is hard to remove, enabling long-lived campaigns.
  • Trust abuse: Legit-looking contracts/dApps can deliver hidden code paths.
  • Broader impact: Risks extend to users, exchanges, and CI/CD pipelines in crypto projects.

How to protect your funds

  • Prefer hardware wallets and require confirmation for every transaction.
  • Only interact with verified contracts/dApps; read permissions before signing.
  • Lock down browsers: remove unknown extensions; use script-blocking where possible.
  • For devs: pin dependencies, verify checksums, and isolate build environments.
  • Enable wallet alerts and withdraw large balances to cold storage.

Related reading

Labels:

Comments

Post a Comment

Popular posts from this blog

Create a Payza Account in Minutes: Step-by-Step Guide (Availability May Vary) Create a Payza Account in Minutes: Step-by-Step Guide Follow these quick steps to create, verify, and secure your Payza e-wallet. Note: Service availability and features can change—verify on the official site first. Signing up takes a few minutes—verification and security settings keep your wallet safer. Key takeaways Fast signup: Create an account with a valid email, then confirm and complete your profile. Verify early: Prepare ID + proof of address to unlock higher limits and withdrawals. Secure it: Enable 2FA, set strong passwords, and review notification settings. Contents Create Your Account Complete KYC Verification Harden Security (Highly R...
48 comments
Read more
FTX/Alameda Wrapped Tokens on Solana Are No Longer Redeemable: What It Means for soBTC & soETH FTX/Alameda Wrapped Tokens on Solana Are No Longer Redeemable: What It Means for soBTC & soETH A quick, clear explainer on how wrapped-token redemption works, what changed after FTX/Alameda’s collapse, and practical steps to reduce risk. When backing fails, wrapped tokens can lose redemption and deviate from their peg. Key takeaways Wrapped tokens like soBTC and soETH relied on redemption backing tied to FTX/Alameda. After bankruptcy, redemption mechanisms ceased , causing price dislocations on Solana. Holders should evaluate liquidity, contract risk, and official notices before acting. Contents What Happened Wrapped ...
Post a Comment
Read more
Create a Paysera Account (Step-by-Step): IBAN, Card, Fees & Verification Create a Paysera Account (Step-by-Step): IBAN, Card, Fees & Verification Open your account, complete KYC, access your IBAN, order a card, and set strong security—everything you need to get started with Paysera. Create, verify, and secure your Paysera account to access IBAN transfers and card payments. Key takeaways Fast onboarding: Sign up, confirm email/phone, and complete KYC to unlock features. IBAN access: After verification, find your IBAN in the app/web and receive SEPA transfers (where supported). Card options: Order a physical/virtual card (availability varies by country); control limits and regions in-app. Contents 1) Create Your Account 2) Comp...
Post a Comment
Read more