DPRK Hackers Target Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks
Suspected DPRK hackers have been targeting cryptocurrency firms in a coordinated campaign that combines web-app exploitation, cloud abuse, and secrets theft, leading to the compromise of cloud assets and the potential for large-scale digital asset theft. The attackers exploit vulnerabilities such as React2Shell to gain initial access, then move on to AWS and Kubernetes reconnaissance and exfiltrate source code, private keys, and other sensitive information.