分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币

金色财经

Aug 05

【分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币】8月5日消息，据 Decrypt 报道，根据 Google Cloud 与网络安全公司 Wiz 的研究，朝鲜黑客组织正通过虚假 IT 职位邀约渗透云系统，预计 2025 年已窃取价值 16 亿美元加密货币。研究显示，代号 UNC4899 的黑客团队（又称 TraderTraitor，Jade Sleet 或 Slow Pisces）通过社交媒体假扮招聘方，诱使目标企业员工运行恶意程序，成功入侵谷歌云和 AWS 系统并劫持加密货币交易主机。Wiz 表示，TraderTraitor 代表的是某种类型的威胁活动，而非某个特定的团体，朝鲜支持的实体 Lazarus Group、APT38、BlueNoroff 和 Stardust Chollima 都是典型的 TraderTraitor 攻击的幕后黑手。该攻击模式自 2020 年持续进化：早期使用 JavaScript 构建恶意加密应用，2023 年引入开源代码漏洞利用，2024 年重点针对交易所云基础设施实施攻击，包括造成日本 DMM Bitcoin 3.05 亿美元损失的入侵事件。专家指出，朝鲜黑客率先采用 AI 技术生成钓鱼邮件和恶意脚本，其攻击团队规模可能达数千人。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2557264358"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2557264358\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2557264358?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-08-05 09:14","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2557264358","market":"fut","top_or_hot":-1,"title":"分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币","media":"金色财经","content":"<html><body><p>【分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币】8月5日消息，据 Decrypt 报道，根据 Google Cloud 与网络安全公司 Wiz 的研究，朝鲜黑客组织正通过虚假 IT 职位邀约渗透云系统，预计 2025 年已窃取价值 16 亿美元加密货币。研究显示，代号 UNC4899 的黑客团队（又称 TraderTraitor，Jade Sleet 或 Slow Pisces）通过社交媒体假扮招聘方，诱使目标企业员工运行恶意程序，成功入侵谷歌云和 AWS 系统并劫持加密货币交易主机。Wiz 表示，TraderTraitor 代表的是某种类型的威胁活动，而非某个特定的团体，朝鲜支持的实体 Lazarus Group、APT38、BlueNoroff 和 Stardust Chollima 都是典型的 TraderTraitor 攻击的幕后黑手。 \n该攻击模式自 2020 年持续进化：早期使用 JavaScript 构建恶意加密应用，2023 年引入开源代码漏洞利用，2024 年重点针对交易所云基础设施实施攻击，包括造成日本 DMM Bitcoin 3.05 亿美元损失的入侵事件。专家指出，朝鲜黑客率先采用 AI 技术生成钓鱼邮件和恶意脚本，其攻击团队规模可能达数千人。</p></body></html>","source":"jinse_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-08-05 09:14 北京时间&nbsp;&nbsp;&nbsp;<a href=https://decrypt.co/333513/north-korean-fake-job-offers-cloud-systems-steal-billions-crypto><strong>金色财经</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>【分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币】8月5日消息，据 Decrypt 报道，根据 Google Cloud 与网络安全公司 Wiz 的研究，朝鲜黑客组织正通过虚假 IT 职位邀约渗透云系统，预计 2025 年已窃取价值 16 亿美元加密货币。研究显示，代号 UNC4899 的黑客团队（又称 TraderTraitor，Jade Sleet 或 Slow ...</p>\n\n<a href=\"https://decrypt.co/333513/north-korean-fake-job-offers-cloud-systems-steal-billions-crypto\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"VBTC.AU","symbol_name":"Vaneck Bitcoin Etf","start_time":0,"source_url":"https://decrypt.co/333513/north-korean-fake-job-offers-cloud-systems-steal-billions-crypto","article_id":"2557264358","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2557264358","pubTimestamp":1754356499,"columns":[],"sourceInfo":{"source_id":"jinse_live","name":"金色财经"},"weMediaInfo":null,"summary":"【分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币】8月5日消息，据 Decrypt 报道，根据 Google Cloud 与网络安全公司 Wiz 的研究，朝鲜黑客组织正通","collect":0,"end_time":0,"defaultTopTitle":"decrypt.co","property":[],"viewcount":null,"language":"zh","relate_stocks":{"83042":"华夏比特币-R","VBTC.AU":"Vaneck Bitcoin Etf","09042":"华夏比特币-U","LU0077335932.USD":"FIDELITY AMERICAN GROWTH \"A\" INC","USJW.SI":"ALPHAB 3xLongSG261006","FBTC":"Fidelity Wise Origin Bitcoin Fund","GOOG":"谷歌","GBTC":"Grayscale Bitcoin Trust ETF","03439":"嘉实比特币","09439":"嘉实比特币-U","DEFI":"Hashdex Bitcoin ETF","EZBC":"Franklin Bitcoin ETF","03042":"华夏比特币","LU2065169927.USD":"M&G (LUX) GLOBAL MAXIMA \"A\" (USD) ACC","BITO":"ProShares Bitcoin ETF","BRRR":"CoinShares Valkyrie Bitcoin Fund","BTCO":"Invesco Galaxy Bitcoin ETF","09008":"博时比特币-U","IBIT":"iShares Bitcoin Trust ETF","HODL":"VanEck Bitcoin ETF","03008":"博时比特币","BTCW":"WisdomTree Bitcoin Fund","LU1059921491.USD":"NORDEA 1 GLOBAL STABLE EQUITY \"HB\" (USDHDG) ACC","GOOGL":"谷歌A","LU1868837300.USD":"CT (LUX) I AMERICAN FUND \"9\" (USD) ACC","BK4548":"巴美列捷福持仓"},"translate_title":"Analysis: North Korean hackers used inducement to run malicious programs to invade systems and have stolen $1.6 billion in cryptocurrency this year","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"83042":0.6,"03008":1,"03042":1,"03439":1,"09008":1,"09042":1,"09439":1,"BITO":1,"BRRR":1,"BTCO":1,"BTCW":1,"DEFI":1,"EZBC":1,"FBTC":1,"MBTmain":1,"GBTC":1,"GOOG":1,"GOOGL":1,"HODL":1,"IBIT":1,"USJW.SI":0.6,"VBTC.AU":1},"content_text":"【分析：朝鲜黑客利用诱导运行恶意程序入侵系统，今年已窃取 16 亿美元加密货币】8月5日消息，据 Decrypt 报道，根据 Google Cloud 与网络安全公司 Wiz 的研究，朝鲜黑客组织正通过虚假 IT 职位邀约渗透云系统，预计 2025 年已窃取价值 16 亿美元加密货币。研究显示，代号 UNC4899 的黑客团队（又称 TraderTraitor，Jade Sleet 或 Slow Pisces）通过社交媒体假扮招聘方，诱使目标企业员工运行恶意程序，成功入侵谷歌云和 AWS 系统并劫持加密货币交易主机。Wiz 表示，TraderTraitor 代表的是某种类型的威胁活动，而非某个特定的团体，朝鲜支持的实体 Lazarus Group、APT38、BlueNoroff 和 Stardust Chollima 都是典型的 TraderTraitor 攻击的幕后黑手。 \n该攻击模式自 2020 年持续进化：早期使用 JavaScript 构建恶意加密应用，2023 年引入开源代码漏洞利用，2024 年重点针对交易所云基础设施实施攻击，包括造成日本 DMM Bitcoin 3.05 亿美元损失的入侵事件。专家指出，朝鲜黑客率先采用 AI 技术生成钓鱼邮件和恶意脚本，其攻击团队规模可能达数千人。","kind":"live","is_publish_news":false,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":1,"need_auth":false,"code":"91000000","status":"200"}}}