North Korean Malware Hits Ethereum and BSC Wallets: Details

utoday

Oct 19

According to a recent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious JavaScript via a fake cryptocurrency application and an npm package.The malware, which...

Source Link

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2576077065"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2576077065\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2576077065?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-10-19 08:50","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2576077065","market":"hk","top_or_hot":-1,"title":"North Korean Malware Hits Ethereum and BSC Wallets: Details","media":"utoday","content":"<div>\n<p>According to a recent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious JavaScript via a fake cryptocurrency application and an npm package.The malware, which...</p>\n\n<a href=\"https://u.today/north-korean-malware-hits-ethereum-and-bsc-wallets-details\">Source Link</a>\n\n</div>\n","source":"utodaynews_highlight","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>North Korean Malware Hits Ethereum and BSC Wallets: Details</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nNorth Korean Malware Hits Ethereum and BSC Wallets: Details\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-10-19 08:50 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://u.today/north-korean-malware-hits-ethereum-and-bsc-wallets-details><strong>utoday</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>According to a recent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious JavaScript via a fake cryptocurrency application and an npm package.The malware, which...</p>\n\n<a href=\"https://u.today/north-korean-malware-hits-ethereum-and-bsc-wallets-details\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"IE00BVYPNW00.USD","symbol_name":"GUINNESS GLOBAL EQUITY INCOME \"C\" (USD) ACC","start_time":0,"source_url":"https://u.today/north-korean-malware-hits-ethereum-and-bsc-wallets-details","article_id":"2576077065","we_media_id":null,"thumbnails":[],"rights":{"source":"utodaynews_highlight","url":"https://u.today/north-korean-malware-hits-ethereum-and-bsc-wallets-details","rn_cache_url":null,"directOrigin":true},"url":"https://stock-news.laohu8.com/highlight/detail?id=2576077065","pubTimestamp":1760835000,"columns":[],"sourceInfo":{"source_id":"utodaynews_highlight","name":"u.today"},"weMediaInfo":null,"summary":"According to arecent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious JavaScript via a fake cryptocurrency application and an npm package.The malware, which ","collect":0,"end_time":0,"defaultTopTitle":"u.today","property":[],"viewcount":null,"language":"en","relate_stocks":{"IE00BVYPNW00.USD":"GUINNESS GLOBAL EQUITY INCOME \"C\" (USD) ACC","IE00BKVL7J92.USD":"Legg Mason ClearBridge - US Equity Sustainability Leaders A Acc USD","BK4560":"网络安全概念","LU2506952097.USD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"CRH\" (USDHDG) ACC","BK4527":"明星科技股","SG9999001440.SGD":"United Global Dividend Equity Fund A SGD Dist","FETH":"以太币ETF-Fidelity","BK4020":"通信设备","EZET":"以太坊ETF-Franklin","LU2237443549.SGD":"Aberdeen Standard SICAV I - Global Dynamic Dividend A MIncA SGD-H","LU1066051225.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AC\" (USD) ACC","LU1430594728.SGD":"Eastspring Investments - Global Low Volatility Equity AS SGD","LU0823417737.USD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"C\" (USD) INC","LU2506951958.HKD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"CRH\" (HKDHDG) INC","LU1571399168.USD":"ALLSPRING GLOBAL LONG/SHORT EQUITY \"IP\" (USD) ACC","CSCO":"思科","LU0950375773.USD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"C\" (USD) INC A","LU1674673691.USD":"HSBC GIF GLOBAL LOWER CARBON EQUITY \"AD\" (USD) INC","LU2237443978.SGD":"Aberdeen Standard SICAV I - Global Dynamic Dividend A Acc SGD-H","09009":"博时以太币-U","ETHV":"以太坊ETF-VanEck","LU0234570918.USD":"高盛全球核心股票组合Acc Close","LU1674673428.USD":"HSBC GIF GLOBAL LOWER CARBON EQUITY \"AC\" (USD) ACC","IE00BGHQF631.EUR":"GUINNESS GLOBAL EQUITY INCOME \"C\" (EUR) ACC","LU1244550494.USD":"FRANKLIN GLOBAL MULTI-ASSET INCOME \"A\" (USDHEDGED) ACC","SG9999015952.SGD":"LIONGLOBAL DISRUPTIVE INNOVATION \"I\" (SGD) ACC","BK4581":"高盛持仓","SG9999002224.SGD":"Allianz Global High Payout SGD","IE00B3PB1722.GBP":"GUINNESS GLOBAL EQUITY INCOME \"C\" (GBP) INC","CETH":"以太坊ETF-21Shares","LU0823417653.USD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"C\" (USD) ACC","LU1235294995.USD":"FIDELITY GLOBAL TECHNOLOGY \"A\" (USDHDG) ACC","LU2286300806.USD":"Allianz Cyber Security AT Acc USD","LU0731783394.SGD":"Fidelity Global Dividend A-MINCOME(G)-SGD","03179":"嘉实以太币","IE00B3T34201.USD":"BNY MELLON GLOBAL EQUITY INCOME \"B\" (USD) INC","LU2237443382.USD":"Aberdeen Standard SICAV I - Global Dynamic Dividend A MIncA USD","SG9999015978.USD":"利安颠覆性创新基金A","QETH":"以太坊ETF-Invesco Galaxy","LU0348723411.USD":"ALLIANZ GLOBAL HI-TECH GROWTH \"A\" (USD) INC","BK4601":"加密货币现货ETF","IE00BSNM7G36.USD":"NEUBERGER BERMAN SYSTEMATIC GLOBAL SUSTAINABLE VALUE \"A\" (USD) ACC","09179":"嘉实以太币-U","LU0203347892.USD":"SCHRODER ISF QEP GLOBAL ACTIVE VALLUE \"A\" (USD)  INC AV","09046":"华夏以太币-U","LU1066051498.USD":"HSBC GIF GLOBAL EQUITY VOLATILITY FOCUSED \"AM2\" (USD) INC","LU2506951875.HKD":"BNP PARIBAS SUSTAINABLE GLOBAL LOW VOL EQUITY \"CRH\" (HKDHDG) ACC","LU1894683264.USD":"AMUNDI FUNDS US EQUITY RESEARCH VALUE \"A2\" (USD) ACC"},"translate_title":"朝鲜恶意软件攻击以太币和BSC钱包：详细信息","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"03179":1.5,"09009":1.5,"09046":1.5,"09179":1.5,"CETH":1.5,"CSCO":0.85,"ETHV":1.5,"EZET":1.5,"FETH":1.5,"METHmain":1.5,"QETH":1.5},"content_text":"According to a recent report by cybersecurity firm Cisco Talos, hackers linked to North Korea delivered malicious JavaScript via a fake cryptocurrency application and an npm package.The malware, which has been dubbed \"OtterCookie/BeaverTrail,\" is capable of stealing keystrokes, clipboard content, screenshots and browser wallets of the likes of Metamask.Modus operandiA potential victim is typically lured with a bogus job or freelance gig. The attacks install malware with the help of an obfuscated JavaScript payload and collect sensitive data. The stolen files then get uploaded to the attacker's servers.Notably, the hackers use a crypto app as bait, so they are specifically targeting those users who already have crypto wallets on their computers.Immediate actionThose who think that they were exposed to the attack should assume that their hot wallets were compromised.Attackers typically steal extension files and passwords together with seed phrases to drain wallets.One should immediately start moving funds and revoke token approvals for old wallets that were potentially hacked.It would also be advisable to wipe and reinstall the operating system.In order not to fall victim to hackers in the first place, one should refrain from running code from untrusted sources. They can be run via containers or VMs.$2 billion worth of stolen cryptoEarlier this month, TechCrunch reported that North Korean hackers had already stolen roughly $2 billion worth of crypto this year.The report, which cites data from blockchain sleuth Elliptic, says that the total amount of crypto stolen by the \"Hermit Kingdom\" currently stands at $6 billion.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}