Zerion disclosed a security incident in which a team member’s device was compromised through an AI-enabled social engineering attack linked to a DPRK threat actor. The breach resulted in the theft of company funds from internal hot wallets. User assets remained untouched because the Zerion Wallet operates on a fully self-custodial model. The company responded by immediately placing its web application into maintenance mode and expects to restore service within 48 hours while implementing enhanced protective measures across its operations.
Last week, a Zerion team member became the target of a sophisticated AI-enabled social engineering campaign associated with a DPRK threat actor, similar to incidents previously examined by security researchers at SEAL. The attackers obtained access to the employee’s active logged-in sessions and credentials, together with private keys belonging to several company hot wallets maintained exclusively for testing and internal purposes. Internal security protocols activated promptly, preventing the intruders from making any material further use of the stolen credentials. The web application was moved to maintenance mode on April 11, 2026, after anomalous activity was detected on app.zerion.io, thereby blocking any possibility of malicious code deployment to Zerion’s domains.
The breach produced no losses to any user funds, as Zerion Wallet grants the team zero access to customer private keys or seed phrases. Zerion’s mobile applications, browser extensions, backend infrastructure, external API services, and all social media and communication channels stayed fully isolated and operational throughout the event. In its official statement the company stressed that “this was not an opportunistic attack” and described the perpetrator as “clearly sophisticated and well-resourced” with a carefully planned operation. It further warned the broader crypto industry to exercise extreme caution with unexpected permission prompts, verify every link, and remain skeptical of AI-generated video calls or meetings. Zerion has already engaged specialized security partners to trace the stolen funds and has reported the attacker wallets to law enforcement authorities.