The North Korean hacker group "HexagonalRodent" has industrialized attacks on Web3 developers using AI, stealing over $12 million in cryptocurrency assets in three months
According to a research report by cybersecurity company Expel, it is tracking a highly assessed APT organization supported by North Korea (DPRK) called "HexagonalRodent," which primarily targets Web3 developers and specializes in stealing high-value digital assets such as cryptocurrencies and NFTs.
The organization mainly conducts attacks by forging job postings—posting high-paying positions on LinkedIn and Web3 recruitment platforms to lure job seekers into completing "skills tests" embedded with malicious code, using the tasks.json feature of VSCode to automatically execute malicious programs when victims open project folders. The malware used includes BeaverTail, OtterCookie, and InvisibleFerret, which have capabilities for password theft, remote control, and reverse shell.
It is noteworthy that the organization heavily utilizes generative AI tools such as ChatGPT and Cursor to develop malware, build fake company websites, and create AI-generated executive teams, even registering shell companies in Mexico to enhance the credibility of their attacks
You may also like
How to choose between buying discounted ETH, Bitmine, and SharpLink?
Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip
A South Korean company that learned the strategy of hoarding coins, from a bull market to delisting?
Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed
Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions
A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI
When American giants collectively "defect" from Chinese AI models
BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"
Portugal 2-1 Croatia: Ronaldo's 20-Year Knockout-Stage Drought Ends With a Debt Finally Collected
Portugal beat Croatia 2-1 in the 2026 global football championship's knockout rounds as Ronaldo scored his first-ever knockout-stage goal, Gonçalo Ramos struck a stoppage-time winner, and VAR ruled out a late equalizer for offside.
