研究：朝鲜黑客利用虚假工作机会入侵云系统，今年已窃取16亿美元的加密货币

DailyNews

2025-08-05 00:33:37

AWS-29,12%

BTC-3,79%

PANews 8月5日消息，据Decrypt报道，根据Google Cloud与网络安全公司Wiz的研究，朝鲜黑客组织正通过虚假IT职位邀约渗透云系统，预计2025年已窃取价值16亿美元加密货币。研究显示，代号UNC4899的黑客团队（又称TraderTraitor，Jade Sleet或Slow Pisces）通过社交媒体假扮招聘方，诱使目标企业员工运行恶意程序，成功入侵谷歌云和AWS系统并劫持加密货币交易主机。Wiz表示，TraderTraitor代表的是某种类型的威胁活动，而非某个特定的团体，朝鲜支持的实体Lazarus Group、APT38、BlueNoroff和Stardust Chollima都是典型的TraderTraitor攻击的幕后黑手。该攻击模式自2020年持续进化：早期使用JavaScript构建恶意加密应用，2023年引入开源代码漏洞利用，2024年重点针对交易所云基础设施实施攻击，包括造成日本DMM Bitcoin 3.05亿美元损失的入侵事件。专家指出，朝鲜黑客率先采用AI技术生成钓鱼邮件和恶意脚本，其攻击团队规模可能达数千人。

Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to Disclaimer.

Opmerking

0/400

Geen opmerkingen