North Korean Lazarus Group Hides Malware in Git Hooks to Target Developers

According to OpenSourceMalware research revealed in a report on May 9, the North Korean hacking group Lazarus has hidden second-stage malware loaders in Git hooks pre-commit scripts during targeted attacks on developers. Posing as cryptocurrency and DeFi companies that are recruiting, the group uses a technique called “Contagious Interview” to lure developers into cloning malicious code repositories. The attacks aim to steal crypto assets and credentials from affected developers.
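
For developers who want to check a freshly cloned repository before committing in it, the following is an added example, not code from the OpenSourceMalware report. It goes beyond the pre-commit script mentioned above and lists every hook file in the default hooks directory and in any `core.hooksPath` target set in the repository's own config; the function names and the `.githooks` fixture directory are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches "hooksPath = <value>" in .git/config (Git treats the key case-insensitively).
HOOKS_PATH_RE = re.compile(r"^\s*hookspath\s*=\s*(.+?)\s*$", re.I | re.M)

def audit_git_hooks(repo):
    """Return (kind, location) findings for hook files present in a clone."""
    repo = Path(repo)
    findings = []
    hook_dirs = [repo / ".git" / "hooks"]          # default hooks directory
    config = repo / ".git" / "config"              # repo-local config only
    if config.is_file():
        for m in HOOKS_PATH_RE.finditer(config.read_text(errors="replace")):
            value = m.group(1).strip('"')
            findings.append(("hookspath-override", value))
            # A relative core.hooksPath is resolved against the work tree.
            hook_dirs.append(repo / Path(value).expanduser())
    for d in hook_dirs:
        if not d.is_dir():
            continue
        for f in sorted(d.iterdir()):
            # Git never runs the shipped *.sample templates.
            if not f.is_file() or f.name.endswith(".sample"):
                continue
            runnable = bool(f.stat().st_mode & 0o111)
            kind = "executable-hook" if runnable else "non-executable-hook"
            loc = f.relative_to(repo).as_posix() if repo in f.parents else str(f)
            findings.append((kind, loc))
    return findings

def build_sample_repo(root):
    """Constructed fixture: clone layout with live hooks and placeholder bodies."""
    root = Path(root)
    hooks = root / ".git" / "hooks"
    hooks.mkdir(parents=True)
    (hooks / "pre-commit.sample").write_text("#!/bin/sh\nexit 0\n")
    tracked = root / ".githooks"                   # hypothetical tracked hook dir
    tracked.mkdir()
    for live in (hooks / "pre-commit", tracked / "post-checkout"):
        live.write_text("#!/bin/sh\n# constructed placeholder\n")
        live.chmod(0o755)
    (root / ".git" / "config").write_text("[core]\n\thooksPath = .githooks\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, loc in audit_git_hooks(build_sample_repo(tmp)):
            print(f"{kind:22} {loc}")
```

Any finding in an unfamiliar repository is a reason to read the hook file before running `git commit`; a `core.hooksPath` set in the global or system config is not covered by this check.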
