Coinbase Impersonated in North Korean 'PylangGhost' Crypto Malware Attack

Published: 2025-06-20 13:56:59

North Korean hackers have escalated their targeting of cryptocurrency professionals with a new Python-based malware called 'PylangGhost.' Posing as recruiters from major firms like Coinbase, Robinhood, and Uniswap, the attackers lure victims into fake job interviews and skill-testing websites. Once engaged, the malware compromises over 80 browser extensions and crypto wallets, posing a significant threat to digital asset security. Cybersecurity experts at Cisco Talos have identified this sophisticated attack vector, emphasizing the need for heightened vigilance in the crypto community.

North Korean Hackers Target Crypto Professionals with 'PylangGhost' Trojan

North Korean cybercriminals have intensified their focus on the cryptocurrency sector, deploying a sophisticated Python-based malware dubbed 'PylangGhost.' The malware is distributed through fake job interviews impersonating major companies like Coinbase, Robinhood, and Uniswap. Victims are lured into skill-testing websites that ultimately compromise over 80 browser extensions and crypto wallets.

Cisco Talos researchers attribute the campaign to the notorious 'Famous Chollima' threat group, which has primarily targeted crypto professionals in India. The operation leverages social engineering, with victims tricked into executing malicious commands disguised as video driver installations for fake interview recordings.

This marks the latest escalation in North Korea's systematic attacks on the cryptocurrency industry, which have already yielded over $1.3 billion in stolen funds across 47 incidents in 2024, according to Chainalysis.

North Korea Targets Crypto Professionals With New Malware in Hiring Scams

Hackers affiliated with North Korea have launched a sophisticated malware campaign targeting cryptocurrency professionals. Posing as recruiters from prominent platforms like Coinbase and Uniswap, they deploy "PylangGhost," a Python-based trojan designed to infiltrate systems.

The operation underscores Pyongyang's continued focus on cybercrime as a revenue stream. By impersonating legitimate industry players, attackers exploit trust within the crypto community to gain access to sensitive data and assets.
