[Mandiant: North Korean Hacker Group Intensifies Attacks on Cryptocurrency Companies] U.S. cybersecurity company Mandiant has discovered that the North Korea-linked threat group UNC1069 is ramping up social engineering attacks targeting cryptocurrency and fintech companies. The group has deployed seven malware suites, including newly identified SILENCELIFT, DEEPBREATH, and CHROMEPUSH, to steal sensitive data and digital assets. Attackers are leveraging compromised Telegram accounts and AI-generated deepfake videos to conduct fake Zoom meetings as bait, and using ClickFix attacks to trick victims into executing 'troubleshooting' commands that conceal hidden instructions. Mandiant has been tracking this group since 2018, and advancements in AI have enabled it to scale up malicious activities starting from November 2025.