Nation-state · Apr 8, 2026

tl;dr North Korean state-sponsored hacker accidentally detonates information stealer malware. St...

North Korean state-sponsored hacker accidentally exposes stolen data and credentials.

Summary

A North Korean state-sponsored threat actor inadvertently exposed a significant cache of stolen data, including millions in cryptocurrency, chat logs, and server credentials. Blockchain researcher ZachXBT obtained and analyzed the leaked information, revealing operational security failures by the group. The exposure provides rare insight into North Korean cyber operations and their targeting activities.

Indicators of Compromise

  • malware — information stealer

Entities

  • North Korean state-sponsored hacker group (threat_actor)
  • ZachXBT (threat_actor)