According to a thorough post-mortem investigation, a North Korean state-sponsored hacking group is responsible for the $50 million exploit that targeted Radiant Capital. Through a fake Telegram chat, the attackers, who have been identified as belonging to the threat group UNC4736 (also known as Citrine Sleet), deployed malware using sophisticated social engineering techniques.
To gain access to Radiant Capital, the hackers posed as a "trusted former contractor" and exploited the legitimacy of that relationship. They claimed to have a report on the Penpie exploit, an earlier incident in the DeFi space, in a zipped PDF file that they shared via Telegram. However, the zip file contained the INLETDRIFT malware, which created a backdoor on macOS systems.
By manipulating the interface of Safe{Wallet} (also known as Gnosis Safe), the hack compromised the hardware wallets of at least three Radiant developers. The malware executed fraudulent transactions in the background while the interface displayed legitimate transaction data.
Although Radiant Capital followed industry-standard security practices, such as payload verification and Tenderly simulations, the attackers were still able to compromise multiple developer devices.
Mandiant, a cybersecurity firm, attributed the attack to UNC4736, a DPRK-linked threat actor with a history of exploiting bitcoin companies. The group is also known for attacking bitcoin exchanges and distributing the AppleJeus malware. Estimates indicate that about $3 billion was stolen from the cryptocurrency industry between 2017 and 2023, and the funds are believed to support North Korea's nuclear program.
Earlier this year, UNC4736 targeted crypto-focused organizations by exploiting a zero-day vulnerability in the Chromium browser, bypassing its sandbox protections. The FBI has drawn attention to the group's changing tactics, which include posing as IT professionals to gain access to financial and business systems.
Global financial institutions face a growing risk from North Korean cybercrime, particularly in the cryptocurrency space. Researchers at the Cyberwarcon cybersecurity conference claimed that North Korean state-sponsored hackers stole more than $10 million in just six months by impersonating real employees at well-known companies.
The Radiant Capital case shows the urgent need for greater awareness, multi-layered security measures, and international cooperation to counter the risks posed by state-backed cyberattacks, as the crypto industry grapples with increasingly complex developments.