Mandiant, which operates under Google Cloud, has tracked the suspected North Korean scammers since 2018, and AI has helped scale up malicious attacks since November 2025.
North Korea-linked threat actors are escalating social engineering campaigns targeting cryptocurrency and fintech companies, deploying new malware designed to harvest sensitive data and steal digital assets.
In a recent campaign, a threat cluster tracked as UNC1069 deployed seven malware families aimed at capturing and exfiltrating victim data, according to a Tuesday report from Mandiant, a US cybersecurity company that operates under Google Cloud.
The campaign relied on social engineering schemes involving compromised Telegram accounts and fake Zoom meetings with deepfake videos generated through artificial intelligence tools.
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments