North Korean Hackers Steal $100K from Zerion Using AI Social Engineering

North Korean Hackers Steal $100K from Zerion Using AI Social Engineering

First seen 15 Apr 2026, 10:44 UTC TechflowpostPanewslabMexcBitget 85% similarity 70.2

Article Content

Browse articles
ThreatCluster

Zerion, a DeFi crypto wallet provider, reported a theft of approximately $100,000 from its hot wallets due to an AI-enhanced social engineering attack linked to North Korean hackers. The attack, which targeted employee credentials and logged-in sessions, is the second incident involving DPRK-affiliated hackers this month, following a $285 million breach at Drift Protocol. Zerion confirmed that user funds and infrastructure were not compromised and has since disabled its web application as a precaution. The Security Alliance (SEAL) has been tracking the hacker group UNC1069, which employs multi-week social engineering tactics across platforms like Telegram and Slack. This incident reflects a concerning trend in the sophistication of cyber threats, particularly as AI tools become more prevalent in attack methodologies. Zerion has reported the incident to law enforcement and is reviewing employee devices for vulnerabilities. The attack highlights the evolving nature of cyber threats in the crypto sector, where even smaller firms are not immune to sophisticated tactics.

Key Points: • Zerion lost $100,000 due to an AI-driven social engineering attack by North Korean hackers. • No user funds were compromised, but internal company hot wallets were affected. • The attack is part of a broader trend of increasing sophistication in cyber threats targeting crypto firms.

ThreatCluster AI

Timeline

2026-04-01
Drift Protocol suffers a $285 million breach linked to North Korean hackers.
2026-04-15
Zerion reports $100,000 theft from hot wallets due to social engineering attack.
2026-04-15
Zerion disables web application as a precaution after the attack.

Community

Browse all →