- February 11, 2026
- Posted by: admin
- Category: BitCoin, Blockchain, Cryptocurrency, Investments
Mandiant, which operates under Google Cloud, has tracked the suspected North Korean scammers since 2018, but AI has helped scale up malicious attacks since November 2025.
North Korea-linked threat actors are escalating social engineering campaigns targeting cryptocurrency and fintech companies, deploying new malware designed to harvest sensitive data and steal digital assets.
In a recent campaign, a threat cluster tracked as UNC1069 deployed seven malware families aimed at capturing and exfiltrating victim data, according to a Tuesday report from Mandiant, a US cybersecurity firm that operates under Google Cloud.
The campaign relied on social engineering schemes involving compromised Telegram accounts and fake Zoom meetings with deepfake videos generated through artificial intelligence tools.
