Close Menu
CryptoHoppers.comCryptoHoppers.com
    What's Hot

    Zilliqa reopens proposal to introduce gZIL delegation

    June 15, 2023

    Bitcoin whales accumulate BTC worth a billion dollar

    June 10, 2024

    Can Blockchain Solve Healthcare? Nigeria Bets On The Technology To Curb Fake Drugs

    February 18, 2024
    Facebook X (Twitter) Instagram
    • Privacy Policy
    • Get In Touch
    Facebook X (Twitter) Instagram
    CryptoHoppers.comCryptoHoppers.com
    • News

      Bitcoin Knots Tightens Grip, Snags Over a Quarter of Network Nodes

      September 14, 2025

      XRP Price At $23, Dogecoin To $2, And Solana At $1,800? Analyst Unveils 2026 Predictions

      September 13, 2025

      World Liberty Financial Nets Trump Family Crypto Billions

      September 12, 2025

      Bitchat downloads spike in Nepal amid national unrest

      September 11, 2025

      Franklin Templeton & Binance Join Forces on Digital Assets

      September 10, 2025
    • Technology

      Bullish patterns in Trump Coin face whale-sized risks

      September 14, 2025

      WisdomTree Brings Private Credit Onchain With CRDT on Ethereum and Stellar

      September 13, 2025

      Upbit Teases New Blockchain Project “Giwa” with Countdown

      September 12, 2025

      Why DeFi tokens are set for 1000% rally – A trillion-dollar opportunity?

      September 11, 2025

      Blockchain Powers Jack Ma’s $8-B Ant Group Energy Asset Strategy

      September 10, 2025
    • Learn/Guide

      Prenetics now holds 228 BTC and buys 1 BTC daily

      September 14, 2025

      Rabby Wallet integrates XRPL EVM chain with Peersyst

      September 13, 2025

      Tether to launch US-based stablecoin USAT

      September 12, 2025

      Byreal launches Real Farmer copy farming product on Solana with Bybit backing

      September 11, 2025

      Almanak launches alUSD on Pendle with 1.25x Almanak Points boost for LPs and YT holders

      September 10, 2025
    • NFTs

      Slimesunday’s Magnum Opus: ‘Banned from New York’ Blows the Lid Off Digital Censorship | NFT CULTURE | NFT News | Web3 Culture

      July 22, 2025

      1mouth Analog: miirror’s Raw Leap from Digital to Handmade Chaos | NFT CULTURE | NFT News | Web3 Culture

      May 9, 2025

      NFTCulture Expands Into TCGs with Cardcore.xyz: Where Digital Collectibles Meet Competitive Play | NFT CULTURE | NFT News | Web3 Culture

      May 8, 2025

      From Moonshots to Broken Links: The Rise and Fall of CloneX | NFT CULTURE | NFT News | Web3 Culture

      April 24, 2025

      Pacific Spirit: Vinyl Meets Code in a Groundbreaking Generative Drop on Art Blocks | NFT CULTURE | NFT News | Web3 Culture

      April 16, 2025
    • Regulation

      Why the GENIUS Act, Not State Licenses, Could Decide Hyperliquid’s USDH Future

      September 14, 2025

      Coinbase Files Motion to Sanction SEC Over Missing Gensler Texts

      September 13, 2025

      South Korea Opens Venture Funding to Crypto Firms, Ending 7-Year Ban

      September 12, 2025

      GENIUS Act Loophole Risks Draining Small Banks, Senator Warns

      September 11, 2025

      Legal Ruling Shields Cook, Slows Trump’s Fed Shake-Up and Crypto Risk

      September 10, 2025
    • Business

      Metaplanet Is About to Drop $881M Into Bitcoin, Here’s the Timeline

      August 27, 2025

      Sri Lanka’s E-commerce Platform Kapruka to Introduce Crypto Payments

      November 17, 2024

      Leading Eastern European Exchange Exmo Sells Business in Russia, Belarus

      November 16, 2024

      Bank of Russia to Launch Digital Ruble Payment Infrastructure by July 2025

      November 15, 2024

      Bitcoin Mining Company Mara Holdings Now Holds 26,747 Bitcoin: Q3 Earnings Report Reveals

      November 14, 2024
    • Live Pricing
    CryptoHoppers.comCryptoHoppers.com
    Home » DPRK-identified addresses have swapped $200K through MetaMask in what looks like a crypto laundry test
    News

    DPRK-identified addresses have swapped $200K through MetaMask in what looks like a crypto laundry test

    December 24, 20244 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    DPRK-identified addresses have swapped $200K through MetaMask in what looks like a crypto laundry test
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Addresses identified as belonging to North Korean hackers have laundered $200K in crypto through MetaMask. This type of swap comes with high fees, but can be an exit point for hackers.

    A list of addresses linked to previous North Korean hacker exploits has surfaced in a series of MetaMask swaps. The addresses only swapped $200K in crypto assets, leaving $1,985 in swap fees. The MetaMask router is among the high-fee tools to swap crypto, but can be fast and accessible for hackers to obscure the origin of funds or avoid token freezing.

    While the sum was small, the event itself was ominous, given the perception that DPRK hackers don’t trade, but test. Hacking activity slowed down in the second half of 2024, but there are still signs of mixing and trying to conceal funds.

    The MetaMask discovery follows another episode of hacker addresses using Web3 services, DEXs and the wallet’s native router. Recently, inflows from hacker addresses were discovered on the Hyperliquid bridge. The perpetual futures DEX was not exploited in any way, but the event was also considered a test for moving funds. Some consider Hyperliquid to be still at risk, due to its limited validator points that can be exploited.

    MetaMask itself has not been compromised and has remained a secure wallet, barring personal mistakes. Taylor Monahan, @tayvano, also noted the wallet has been targeted in multiple ways by North Korean hackers, who are always looking for ways to unlock stored crypto.

    “MetaMask is and always has been concerned…We track DPRK carefully because they are the single largest threat to crypto companies. We also track every other crypto threat actors bc DPRK is largest but not the only threat,” said @tayvano in a recent X post.

    North Korean hackers avoid USDC as lockable asset

    While slowing down their exploits, North Korean hackers have been swapping funds and moving between chains.

    The list of wallets that used MetaMask swaps also has a long history of using various decentralized protocols. The wallets swap between Ethereum (ETH) and stablecoins USDT and USDC.

    Both stablecoins are, in theory, freezable assets, but especially USDC. For that reason, the wallets always swap back to ETH or other tokens, or move to the Arbitrum chain for some of the tasks. The wallets never keep a USDC balance for long, despite the highly active usage of the token.

    The two addresses were highly active, interacting with ENS accounts, OpenSea users and web3 protocols. The swaps continued in the past few hours, again with the main task of moving funds on a relatively small scale.

    0x52263cAEc2e144C3A84cc16d014157360Ac85A89

    0x070cA92f568037d351666b3918a0F6ba7ad20ED1

    The wallet activities and their counterparties connect to some of the most active recent protocols, meme tokens, NFTs and other assets. However, most of the activity centers around swapping into stablecoins as a temporary step.

    Wallet activity raises more concerns about the safety of Hyperliquid

    The recent swaps were relatively minor, with transactions under $500. However, some of the wallet counterparties showed interactions with DEXs and DeFi hubs, often transacting with the Hyperliquid bridge.

    The alleged hacker wallet histories also contain interactions with Hyperliquid from the past few hours and days. For now, the protocol has not been attacked directly, but some consider it another tool for mixing funds or trading to obscure the origin of tokens. The Hyperliquid bridge is the biggest concern for attacks, since the hub’s value grew exponentially. The bridge holds more than $2B, and may not be sufficiently protected, according to @tayvano.

    For now, there is no other direct link between the MetaMask swap users and a potential attack against the bridge. The MetaMask swaps may be a part of general activity to move between assets with minimal tracking.

    North Korean hackers reportedly doubled their haul in 2024, potentially taking up to $1.3B from the crypto market. Most of the activity was concentrated in the first half of the year, with major hacks slowing down in the last quarter.

    From Zero to Web3 Pro: Your 90-Day Career Launch Plan



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Bitcoin Knots Tightens Grip, Snags Over a Quarter of Network Nodes

    September 14, 2025

    XRP Price At $23, Dogecoin To $2, And Solana At $1,800? Analyst Unveils 2026 Predictions

    September 13, 2025

    World Liberty Financial Nets Trump Family Crypto Billions

    September 12, 2025

    Bitchat downloads spike in Nepal amid national unrest

    September 11, 2025
    Top Posts

    Blockchain Titles Resurge: Epic Games Store Initiates Crypto Gaming Renaissance

    December 28, 2023

    Bitcoin Addiction? Michael Saylor Buys 15,355 BTC More

    May 1, 2025

    Deamus shifts to Avalanche for ticketing experience

    October 4, 2023

    Welcome to CryptoHoppers.com! Stay informed with the latest updates, trends, and insights from the dynamic world of cryptocurrencies. From Bitcoin to altcoins, blockchain technology to decentralized finance (DeFi), we cover it all. Discover expert analysis, market trends, regulatory developments, and exciting innovations shaping the crypto industry.

    Top Insights

    Bitcoin Knots Tightens Grip, Snags Over a Quarter of Network Nodes

    September 14, 2025

    XRP Price At $23, Dogecoin To $2, And Solana At $1,800? Analyst Unveils 2026 Predictions

    September 13, 2025

    World Liberty Financial Nets Trump Family Crypto Billions

    September 12, 2025
    Advertisement
    Demo
    CryptoHoppers.com
    Facebook X (Twitter) Instagram
    • News
    • Technology
    • Learn/Guide
    • Regulation
    • NFTs
    • Business
    • Live Pricing
    © 2025. Designed by CryptoHoppers.com.

    Type above and press Enter to search. Press Esc to cancel.