Radiant Capital攻击事件更新，朝鲜黑客冒充前承包商发送恶意软件实施攻击

Blockbeats

Dec 09, 2024

BlockBeats 消息，12 月 9 日，据 Cointelegraph 报道，Radiant Capital 在 12 月 6 日更新的调查报告中称，网络安全公司 Mandiant 已经评估，高度确信此次攻击是由朝鲜（DPRK）附属威胁行为者所为。

该平台称，一名 Radiant 开发人员于 9 月 11 日收到了一条 Telegram 消息，其中包含一个来自“可信赖的前承包商”的压缩文件，要求就他们正在计划的一项新工作提供反馈。经审查，这条信息疑似来自冒充前承包商的与朝鲜结盟的威胁行为者。“这个 ZIP 文件在分享给其他开发人员征求反馈意见时，最终发送了恶意软件，为随后的入侵提供了便利"。

Radiant Capital 认为负责该事件的威胁行为者被称为"UNC4736"——据悉与朝鲜主要情报机构侦察总局 (RGB) 有关，并被推测是黑客组织 Lazarus Group 的一个子团伙。

此前报道，跨链借贷协议 Radiant Capital 遭遇网络攻击，损失超过 5000 万美元。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2490379567"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2490379567\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2490379567?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2024-12-09 10:42","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2490379567","market":"us","top_or_hot":-1,"title":"Radiant Capital攻击事件更新，朝鲜黑客冒充前承包商发送恶意软件实施攻击","media":"Blockbeats","content":"<html><body><div><p>BlockBeats 消息，12 月 9 日，据 Cointelegraph 报道，Radiant Capital 在 12 月 6 日更新的调查报告中称，网络安全公司 <a href=\"https://laohu8.com/S/MNDT\">Mandiant</a> 已经评估，高度确信此次攻击是由朝鲜（DPRK）附属威胁行为者所为。</p><p>该平台称，一名 Radiant 开发人员于 9 月 11 日收到了一条 Telegram 消息，其中包含一个来自“可信赖的前承包商”的压缩文件，要求就他们正在计划的一项新工作提供反馈。经审查，这条信息疑似来自冒充前承包商的与朝鲜结盟的威胁行为者。“这个 ZIP 文件在分享给其他开发人员征求反馈意见时，最终发送了恶意软件，为随后的入侵提供了便利\"。</p><p>Radiant Capital 认为负责该事件的威胁行为者被称为\"UNC4736\"——据悉与朝鲜主要情报机构侦察总局 (RGB) 有关，并被推测是黑客组织 Lazarus Group 的一个子团伙。</p><p>此前报道，跨链借贷协议 Radiant Capital 遭遇网络攻击，损失超过 5000 万美元。</p></div></body></html>","source":"theblockbeats_zh_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Radiant Capital攻击事件更新，朝鲜黑客冒充前承包商发送恶意软件实施攻击</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nRadiant Capital攻击事件更新，朝鲜黑客冒充前承包商发送恶意软件实施攻击\n</h2>\n\n<h4 class=\"meta\">\n\n\n2024-12-09 10:42 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//flash/273503><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats 消息，12 月 9 日，据 Cointelegraph 报道，Radiant Capital 在 12 月 6 日更新的调查报告中称，网络安全公司 Mandiant 已经评估，高度确信此次攻击是由朝鲜（DPRK）附属威胁行为者所为。该平台称，一名 Radiant 开发人员于 9 月 11 日收到了一条 Telegram 消息，其中包含一个来自“可信赖的前承包商”的压缩文件，...</p>\n\n<a href=\"https://www.theblockbeats.info//flash/273503\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4077","symbol_name":"互动媒体与服务","start_time":0,"source_url":"https://www.theblockbeats.info//flash/273503","article_id":"2490379567","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2490379567","pubTimestamp":1733712120,"columns":[],"sourceInfo":{"source_id":"theblockbeats_zh_live","name":"blockbeat"},"weMediaInfo":null,"summary":"BlockBeats 消息，12 月 9 日，据 Cointelegraph 报道，Radiant Capital 在 12 月 6 日更新的调查报告中称，网络安全公司 Mandiant 已经评估，高","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"zh","relate_stocks":{"BK4077":"互动媒体与服务","RGB.AU":"RUSSELL INVEST AUST GOVT BON","ZIP":"ZipRecruiter Inc.","BK4539":"次新股","BK4097":"系统软件","ZIP.AU":"Zip Co Ltd","MNDT":"Mandiant","BK7093":"消费信贷"},"translate_title":"Radiant Capital attack incident update, North Korean hackers posing as former contractors to send malware to carry out attack","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"RGB.AU":1,"ZIP":1,"ZIP.AU":1,"MNDT":1},"content_text":"BlockBeats 消息，12 月 9 日，据 Cointelegraph 报道，Radiant Capital 在 12 月 6 日更新的调查报告中称，网络安全公司 Mandiant 已经评估，高度确信此次攻击是由朝鲜（DPRK）附属威胁行为者所为。该平台称，一名 Radiant 开发人员于 9 月 11 日收到了一条 Telegram 消息，其中包含一个来自“可信赖的前承包商”的压缩文件，要求就他们正在计划的一项新工作提供反馈。经审查，这条信息疑似来自冒充前承包商的与朝鲜结盟的威胁行为者。“这个 ZIP 文件在分享给其他开发人员征求反馈意见时，最终发送了恶意软件，为随后的入侵提供了便利\"。Radiant Capital 认为负责该事件的威胁行为者被称为\"UNC4736\"——据悉与朝鲜主要情报机构侦察总局 (RGB) 有关，并被推测是黑客组织 Lazarus Group 的一个子团伙。此前报道，跨链借贷协议 Radiant Capital 遭遇网络攻击，损失超过 5000 万美元。","kind":"live","is_publish_news":false,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":1,"need_auth":false,"code":"91000000","status":"200"}}}