AI-driven tactics emerge as new threat in crypto security landscape.
AI-powered tactics are making crypto attacks more sophisticated
Photo Credit: Unsplash/rc.xyz NFT gallery
The Zerion team released a post-mortem report on Wednesday, claiming that North Korean-affiliated hackers were using AI-enabled social engineering in a cyberattack. Hackers stole around $100,000 (roughly Rs. 93.4 lakh) from the company's hot wallets last week. It was later confirmed that no user funds, Zerion apps or infrastructure were affected and that the company had disabled the web app as a precautionary move. Zerion further added that the attacker gained access to some team members' logged-in sessions and credentials, as well as private keys to company hot wallets.
The firm stated that the attack was similar to those that had been investigated by the Security Alliance last week. Between February and April, the nonprofit Security Alliance (SEAL) reported that it had tracked and blocked over 164 domains linked to the DPRK group UNC1069. It was also mentioned in the report that the group operates “multiweek, low-pressure social engineering campaigns” across Telegram, LinkedIn and Slack. Malicious people impersonate trusted brands or known contacts, or they use access to company and individual accounts that have already been hacked.
In a post on X, Zerion addressed this issue and gave a glimpse of how the road looked ahead. The crypto wallet said, “This incident showed that AI is changing the way cyber threats work. We are taking steps to further strengthen Zerion's security,” The firm added in the post that they will be strengthening internal policies for using credentials and authentication. The Web app will be restored in the next 48 hours. The team will be investing in team security training and working to accelerate security compliance.
Last week, security researcher Taylor Manonan claimed that North Korean IT workers have been infiltrating DeFi platforms for the past 7 years. This includes the Drift Protocol hack as well, which disclosed a $280 million (roughly Rs. 2,600 crore) exploit, which also had a DPRK group behind it. Drift Protocol explained that this was not a typical hack, but a months-long, highly coordinated social engineering operation.
In a blog post earlier this year, blockchain security firm Elliptic also stated that ”The evolution of the DPRK's social engineering techniques, combined with the increasing availability of AI to refine and perfect these methods, means the threat extends well beyond exchanges.”
This incident reflects how cyber threats in the crypto ecosystem are evolving with the help of AI, which are making attacks more targeted and harder to detect. Cases like Zerion wallet and Drift protocol serve as an example that even established platforms are not immune to cyber threats, and hence, it reinforces the need for stringent security across the crypto landscape.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.