PANews|5月 01, 2026 00:12
[North Korean Hacker Group Embeds Malicious Code Generated by Claude into Crypto Trading Tool openpaw-graveyard]
According to Cryptopolitan, security research firm ReversingLabs has discovered that a malicious npm package named PromptMink, containing code generated by Anthropic's Claude Opus AI model, was embedded into the open-source crypto trading project openpaw-graveyard. This led to the theft of users' crypto wallet credentials and system keys. The attack originates from the North Korean state-sponsored hacker group Famous Chollima, which has been distributing malicious npm packages since September 2025. The group employs a two-layer strategy: the first layer consists of "bait" packages without malicious code, while the second layer carries the actual malicious payload. When the second-layer package is taken down, the attackers release a replacement version on the same day.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink