Source: http://www.bee.com/ja/55579.html

After reverse hacking North Korean hackers, I saw how they work

Compiled by Odaily Planet Daily (@OdailyChina). Translator: 東 (ゆーすけ)

Editor’s Note: North Korean hackers have always been a major threat to the cryptocurrency market. In the past, victims and industry security professionals could only infer North Korean hackers’ behavior patterns by reverse engineering related security incidents. However, yesterday, renowned on-chain detective ZachXBT, in a recent tweet, cited an investigation and analysis by a white-hat hacker who reverse-hacked North Korean hackers. This proactive analysis reveals the North Korean hackers’ working methods for the first time, potentially providing positive insights into preemptive security measures for industry projects.

The following is the full text of ZachXBT, compiled by Odaily Planet Daily.

An anonymous hacker recently compromised the device of a North Korean IT worker, revealing how a five-person technical team operated over 30 fake identities, using fake government-issued IDs and purchased Upwork and LinkedIn accounts to infiltrate various development projects.

Investigators obtained Google Drive data, Chrome browser profiles, and device screenshots, which revealed that the team relied heavily on Google tools to coordinate work schedules, assign tasks, and manage budgets, with all communications conducted in English.

A weekly report from 2025 revealed the hacker team’s work patterns and the difficulties they encountered. For example, one member complained that they “couldn’t understand the job requirements and didn’t know what to do.” The corresponding solution was to “dedicate ourselves and work harder.”

Detailed expense records show that their expenditure items include purchasing social security numbers (SSNs), Upwork and LinkedIn account transactions, renting phone numbers, subscribing to AI services, renting computers, and purchasing VPN/proxy services.

One spreadsheet detailed the schedule and scripts for meetings attended by the fictitious “Henry Zhang.” The operational process revealed that these North Korean IT workers would first purchase Upwork and LinkedIn accounts, rent computer equipment, and then complete outsourced work using the AnyDesk remote control tool.

One of the wallet addresses they used to send and receive funds was: 0x78e1a4781d184e7ce6a124dd96e765e2bea96f2c.

This address is closely linked to the $680,000 Favrr protocol attack in June 2025. Its CTO and other developers were later confirmed to be North Korean IT workers with forged credentials. This address has also been used to identify North Korean IT personnel involved in other infiltration projects.

The team also found the following key evidence in their search records and browser history.

One might ask, “How can we be sure they are from North Korea?” In addition to all the fraudulent documents detailed above, their search history also shows that they frequently use Google Translate and translate into Korean using a Russian IP.

Currently, the main challenges for enterprises in preventing North Korean IT workers are as follows:

Lack of systematic collaboration: There is a lack of effective information sharing and cooperation mechanisms between platform service providers and private enterprises;

Employer oversight: Hiring teams often become defensive after receiving risk warnings, or even refuse to cooperate with investigations;

Impact of numerical advantage: Although its technical means are not complicated, it continues to penetrate the global job market with its huge base of job seekers;

Funding conversion channels: Payment platforms such as Payoneer are frequently used to convert fiat currency income from development work into cryptocurrency.

I have introduced the indicators that need attention many times. If you are interested, you can check out my historical tweets. I will not repeat them here.
