Zerion Says North Korean Hackers Stole About $100,000 From Hot Wallet

Zerion states that a long-term AI-assisted social engineering campaign linked to North Korean hackers breached an internal hot wallet, highlighting how attackers can bypass technical defenses by targeting employees.

46d ago

Summary

Zerion said attackers linked to North Korean threat actors stole about $100,000 from an internal hot wallet through a long-term, AI-assisted social engineering campaign. The company said the attackers targeted employees rather than directly breaking technical defenses, and that user funds, app infrastructure, and customer assets were not affected. Zerion previously said the attackers obtained some logged-in sessions, credentials, and the private key for the affected wallet. In response, the company took its web app offline, rotated exposed credentials, and reported the wallet address to law enforcement on April 15.

Terms & Concepts

Hot wallet: A cryptocurrency wallet connected to the internet, enabling quick transactions but making it more exposed to online compromise.
Private key: A confidential cryptographic key that controls access to a wallet and is needed to authorize blockchain transactions.
Social engineering: A method of attack that manipulates people into revealing sensitive information or granting access, instead of exploiting code directly.