Top

Hackers utilize social engineering, move funds through Cambodian platform

Policy & Regulation·July 16, 2024, 11:28 PM

A couple of recent reports have revealed how North Korean hackers have been moving funds to a Cambodian crypto payments platform while further insight has come to light with regard to how these hackers are compromising crypto companies.

 

Huoine Pay

On July 15, Reuters reported that Cambodian currency exchange and payments firm Huione Pay had received in excess of $150,000 in digital currency from a wallet associated with notorious North Korean hacking group Lazarus. Analysis of blockchain data demonstrated that the funds had been received by the Phnom Penh-headquartered payments firm in June 2023 and February 2024. 

https://asset.coinness.com/en/news/5dcc9ca840696cba8765b6b77f39bbf6.webp
Photo by allPhoto Bangkok on Unsplash

‘Pig butchering’

It’s understood that Lazarus stole those digital assets from three crypto firms during the months of June and July of 2023. While Huione has suggested that it was oblivious to the origin of the funds, a blog article by blockchain analytics company Elliptic, published to its website on July 10, suggested that “Huione Guarantee is an online marketplace that has become widely used by scam operators in South East Asia.” 

 

Elliptic went on to assert that some of these scammers employ “pig butchering” techniques, where fraudsters manipulate the victim into investing into fraudulent crypto schemes. It added that “merchants on the platform offer technology, data and money laundering services, and have engaged in transactions totaling at least $11 billion.”

 

The National Bank of Cambodia explained to Reuters that the company is not permitted to trade crypto and that it "would not hesitate to impose any corrective measures" against Huione. The platform is believed to have strong ties to Cambodia’s ruling family. One of the firm’s three directors is understood to be a cousin of the Cambodian Prime Minister, Hun Manet.

 

The Lazarus hacking group is believed to have masterminded a $305 million hack of Japanese cryptocurrency DMM Bitcoin in May of this year. Pseudonymous on-chain investigator ZachXBT claimed on X that $35 million of the proceeds had been laundered through the Huione platform.

 

Compromising crypto businesses

In a related development, a report by DL News published on July 15 has found that North Korean hackers are employing a new tactic in order to compromise crypto businesses. The hackers are scanning the internet for job postings advertised by the companies they’re targeting and submitting bogus applications.

 

A report by the United Nations Security Council has revealed that in excess of 4,000 North Koreans have taken up employment with international technology firms. Part of the social engineering-based tactics employed by the hackers includes contriving to get employees within targeted companies to install malware. 

 

Oftentimes, the resumes and LinkedIn profiles of real people are used in order to find a way in via the recruitment process. A report by DeFiLlama suggests that $664 million has been lost via instances of crypto hacking within the first half of 2024. 

More to Read
View All
Web3 & Enterprise·

Jan 10, 2024

KLEVA to undergo upgrade and migrate to WEMIX3.0 network

KLEVA, a decentralized finance (DeFi) service that until now has been based on the Klaytn blockchain, is set to move to Wemade’s WEMIX3.0 mainnet as a native service and undergo a new upgrade to “KLEVA omni”, according to an official Medium announcement by WEMIX on Tuesday (KST). As a result, KLEVA tokens will be issued on the WEMIX3.0 network instead of Klaytn. Existing tokens will be migrated to WEMIX3.0 as well.Photo by GuerrillaBuzz on UnsplashThe team at KLEVA revealed that it decided to move the service to WEMIX3.0 to gain access to broader inter-network connectivity. The decision also came as a result of security strengthening efforts related to custodial bridge services using the Lock and Mint method. Unveiling KLEVA omniKLEVA omni is an amalgamation of service advancements within the Trans-Chain DeFi protocol, rooted in the WEMIX Foundation's unagi initiative – a new innovative omnichain network and interoperable Web3 gaming platform. This innovative protocol integrates optimized tokenomics tailored for the omnichain ecosystem. By going beyond the limitations of single-chain DeFi and placing an emphasis on token rewards, the value of the Trans-Chain DeFi protocol is centered around the KLEVA token.  At its core, KLEVA omni is differentiated in its ability to process trans-chain transactions. It serves not only as a comprehensive solution for inter-chain yield farming but also as a bridge between service providers and users across boundaries.  Solution to variable yields and interchain risksIn addition, in the current market landscape, variations in deposit yields and loan interest rates exist for the same asset across different chains and services. KLEVA omni addresses this by sharing such information with users, streamlining their research and decision-making processes. This makes it easier for users to optimize their investment portfolios. The protocol will use una Bridge – a non-custodial omnichain bridge under the unagi initiative that mitigates the risks presented by wrapped tokens – to enable secure and efficient trading. It will also support various blockchains like Arbitrum, Optimism, Avalanche, Polygon, Ethereum, BNB and Solana.

news
Markets·

Sep 30, 2025

Vietnam $3.8B gambling case in a world of rising crypto crime

Vietnamese authorities have dismantled a criminal ring that used cryptocurrency to launder illicit gambling profits, AFP reported, citing local media. The group converted local currency into digital assets such as USDT and Ethereum, routing funds to users for online betting. Operating multi-layered investment websites, the network grew to as many as 20,000 users and managed 25 million accounts, despite Vietnam’s ban on cryptocurrency. In total, the transactions involved were valued at roughly $3.8 billion. Police allege that millions of dollars were funneled into real estate, luxury cars, and cross-border cash transfers. While the money laundering probe continues, the gambling case has already produced convictions. Four Vietnamese siblings who ran the network, along with 39 other defendants, received sentences in Ho Chi Minh City ranging from a three-year suspended term to 13 years in prison. An Indian national identified as the alleged mastermind remains at large.Photo by Amanda Jones on UnsplashThai police foil crypto-themed fraudElsewhere in the region, police in neighboring Thailand busted a South Korean crime syndicate based in Pattaya that allegedly stole more than 20 billion won ($14.2 million) through fraud schemes that invoked cryptocurrency as a lure, along with other scams, the Chosun Ilbo reported. The scam ring reportedly obtained customer data from a lottery tip site and collected money from victims either by posing as agents offering membership refunds or by claiming to provide compensation for leaked personal information, which they disguised as opportunities to buy digital assets. In addition to these schemes, the syndicate ran romance scams and posed as authorities. Thai police arrested 20 members in a June resort raid. Nine more suspects, including ringleaders, remain in custody awaiting extradition. Seoul police said that, in total, 25 members have been caught, 21 of whom are now detained. Authorities believe the network may be linked to other groups in Thailand and are widening the investigation. Europe uncovers $120M crypto fraudCrypto crimes aren’t limited to Asia. In Europe, police arrested five suspects in a Eurojust-led operation that uncovered an online investment scam worth at least €100 million ($116.8 million). Operating since 2018 across 23 countries, the scheme lured victims with platforms promising high returns, then funneled deposits through Lithuanian accounts before disappearing. In a report by the Organized Crime and Corruption Reporting Project, Elliptic Chief Scientist Tom Robinson said such schemes often have little to do with cryptocurrency itself, instead exploiting its technical obscurity and the allure of quick gains. Beyond scams, outright theft from crypto platforms is also climbing. A Chainalysis study found that by the end of June 2025, more than $2.17 billion had been stolen from exchanges and related platforms—already surpassing the total for all of 2024. The firm projects losses could reach $4 billion by year-end. The single largest incident was the February hack of the Bybit exchange, in which thieves took $1.5 billion, roughly 69% of all funds stolen in the first half of this year. Crypto crime turns increasingly violentThe Chainalysis report also flagged a rise in physical attacks, in which criminals use violence or coercion to force individuals to hand over their crypto holdings. The firm warned that 2025 may log nearly twice as many cases as the worst year on record, noting that the attacks often rise and fall with expectations for Bitcoin’s price. In response to these threats, Chainalysis stressed the need for a multilayered approach to crypto security. It advised service providers to strengthen internal controls through regular audits and employee screening, while upgrading wallet infrastructure and other technical defenses. For individuals, the firm said, keeping holdings discreet has become as critical as technical safeguards, especially amid the rise in physical attacks. 

news
Web3 & Enterprise·

Jan 17, 2024

$100M funding sees HashKey unlock unicorn status

HashKey Group, the operator of one of Hong Kong's two licensed crypto exchanges, declared its newfound unicorn status on Tuesday, having successfully raised nearly $100 million in a recent funding round.Photo by Markus Winkler on UnsplashSeries A funding roundThe term "unicorn" denotes privately held companies valued at $1 billion or more, reflecting the remarkable achievement for HashKey in the rapidly evolving crypto landscape. With a valuation now surpassing $1.2 billion, HashKey positions itself as a major player in the crypto space within East and Southeast Asia. It’s leveraging its activities that span trading platforms, venture funding, wealth management and asset management in key locations like Hong Kong and Singapore. Its Singapore arm was awarded a capital markets license by the local regulator in December. Undisclosed investorsThe fundraising initiative was first reported in May of last year and later announced by HashKey in August. It attracted contributions from both existing and new investors. While the company refrained from divulging specific investor names, it referred to them as "prominent institutional investors" and "leading Web3 institutions," signaling a mix of established entities and those already at the forefront of Web3 innovation. It was previously disclosed that the company has been backed by the support of OKX Ventures, the investment arm of the well-known OKX digital asset exchange. The funds secured will serve a dual purpose – fostering the development of a robust Web3 ecosystem and supporting licensed products in Hong Kong. HashKey's diverse business arms, including asset management, a blockchain node validation service, a tokenization service, and a Web3 incubation arm, are set to benefit from the fresh capital infusion. The allocation of funds towards these ventures aligns with HashKey's strategic vision to contribute significantly to the evolving crypto ecosystem. Hong Kong hubHong Kong, eager to establish itself as a digital asset hub, has been the backdrop for HashKey's growth. The city's dedicated virtual-asset regulatory framework, introduced in June, aims to attract companies while prioritizing investor protection. Under this framework, retail investors can trade major tokens such as Bitcoin and Ether on licensed exchanges, with HashKey Exchange and BC Technology Group Ltd.’s OSL currently leading the way. Despite the optimism surrounding Hong Kong's potential as a crypto hub, uncertainties linger. The city's ability to support multiple crypto exchanges and the long-term commitment of officials to the sector remain open questions, given its susceptibility to occasional scandals. Since commencing its retail trading service in late August, HashKey Exchange has garnered over 155,000 registered users. The platform's 24-hour spot trading volume is estimated at approximately $11 million, according to CoinMarketCap data as of this writing. While this figure may pale in comparison to Binance, the world's largest crypto platform, HashKey's focus on building a resilient and user-friendly ecosystem positions it as a strong contender in the crypto industry's ongoing evolution. The successful funding round and unicorn status attained by HashKey underscore the renewed optimism in the crypto venture capital landscape. Following a market slump in 2022 and various challenges faced by crypto startups, the recent resurgence in token prices has reignited hopes for a more favorable venture capital outlook.

news
Loading