Crypto World
North Korean Hackers Deploy AI-Driven Social Engineering on Zerion
Zerion disclosed that North Korean-affiliated hackers used AI-powered social engineering to extract about $100,000 from the company’s hot wallets last week. In a post-mortem published on Wednesday, the crypto wallet provider confirmed that no user funds, Zerion apps, or infrastructure were compromised, and it proactively disabled the web app as a precautionary measure.
Though the amount is modest by crypto-hacking standards, Zerion’s disclosure reinforces a growing trend: attackers are increasingly targeting human operators with AI-enabled techniques. The incident sits alongside a high-profile episode earlier in the month—a $280 million exploit of Drift Protocol attributed to a North Korea–linked operation—illustrating a broader shift in how threat actors approach crypto firms. The human layer, not firmware or smart contracts, has become a primary entry point for incursions into crypto environments.
Key takeaways
- AI-enabled social engineering is emerging as a principal attack vector for DPRK-linked actors, targeting insiders rather than exploiting code bugs alone.
- Zerion’s incident involved access to team members’ logged-in sessions, credentials, and private keys held in hot wallets, underscoring a vulnerability in identity and access management.
- The same threat cluster is tied to a broader pattern of long-running campaigns that impersonate trusted contacts and brands across common collaboration channels such as Telegram, LinkedIn, and Slack.
- Industry researchers have documented a growing toolbox: fake virtual meetings, AI-assisted image and video editing, and other deceptive tactics that reduce the friction for social engineering.
- Security analysts warn that the threat extends well beyond exchanges to developers, contributors, and anyone with access to crypto-infrastructure.
AI reshaping the threat landscape
The Zerion incident highlights a shift in how breaches unfold in crypto ecosystems. Zerion stated that the attacker gained access to some team members’ logged-in sessions, credentials, and private keys used for hot wallets. The firm described the event as an AI-enabled social engineering operation, indicating that artificial intelligence tools were deployed to refine phishing messages, impersonations, and other manipulative techniques.
This assessment aligns with earlier findings from industry researchers who have observed DPRK-affiliated groups sharpening their social engineering playbooks. In particular, Security Alliance (SEAL) reported tracking and blocking 164 domains linked to UNC1069 over a two-month window from February to April, noting that the group runs multiweek, low-pressure campaigns across Telegram, LinkedIn, and Slack. The actors impersonate known contacts or reputable brands or leverage access to previously compromised accounts to build trust and escalate access.
“UNC1069’s social engineering methodology is defined by patience, precision, and the deliberate weaponization of existing trust relationships.”
Google’s security arm, Mandiant, has detailed the group’s evolving workflow, including a documented use of fake Zoom meetings and AI-assisted editing of images or videos during the social engineering stage. The combination of deception and AI tools makes it harder for recipients to differentiate legitimate communications from fraudulent ones, increasing the likelihood of successful intrusions.
The DPRK threat surface expands beyond exchanges
Beyond the Zerion case, researchers have emphasized that North Korean threat actors have embedded themselves in crypto ecosystems for years. MetaMask developer and security researcher Taylor Monahan noted that DPRK IT workers have been involved in numerous protocols and projects for at least seven years, underscoring a persistent presence across the sector. The integration of AI tools into these campaigns compounds the risk, enabling more convincing impersonations and streamlined social-engineering workflows.
Analysts from Elliptic have summarized the evolving threat in a blog post, highlighting that the DPRK group operates along two vectors of attack—one sophisticated, another more opportunistic—targeting individual developers, project contributors, and anyone with access to crypto infrastructure. The observation echoes what Zerion and others are seeing on the ground: the barrier to entry for social-engineered breaches is lower than ever, thanks to AI’s ability to automate and tailor deceptive content at scale.
As the narrative broadens, observers stress that the human factor—credentials, session tokens, private keys, and trusted relationships—continues to be the primary entry point. The shift in tactics means companies must defend not only their code and deployments but also the integrity of internal communications and access paths that connect teams to critical assets.
What readers should watch next
Given the cross-cutting nature of these attacks, market participants and builders should monitor several developing threads. First, the Drift Protocol episode and Zerion’s incident together illustrate that DPRK-affiliated actors are pursuing a multi-stage, long-term approach that blends traditional social engineering with AI-augmented content creation. This implies that short-term fixes—such as patching a single vulnerability or alerting on suspicious code—will be insufficient without strengthened identity and access controls across the entire organization.
Second, the expansion of AI-enabled deception into ordinary collaboration channels suggests that defenders should heighten monitoring for anomalous login sessions, unusual privilege escalations, and suspicious impersonations within internal messaging and meeting platforms. As SEAL and Mandiant have shown, attackers leverage pre-existing trust relationships to lower suspicion, making human-level vigilance essential alongside technical controls.
Finally, the broader ecosystem should anticipate continued public reporting and analysis from researchers as more incidents surface. The convergence of AI with social engineering raises questions about regulatory and industry standards for incident response, vendor risk management, and user education. As the industry absorbs these lessons, it will be critical to track how wallets, protocols, and security firms adapt to an attacker playbook that increasingly emphasizes the human element paired with AI tooling.
For ongoing context, readers can review the Drift Protocol exploit analysis tied to the same DPRK-linked activity, the SEAL advisory tracking UNC1069, and Mandiant’s assessment of the group’s techniques, including AI-assisted deception. Commentary from researchers who have studied DPRK actors—such as Taylor Monahan and Elliptic—helps illuminate the depth and persistence of the threat, underscoring that the threat landscape is not only about exposed smart contracts but about how teams defend their people as well as their code.
As this area evolves, developments to watch include new case updates from Zerion and Drift Protocol, any shifts in threat actor tooling, and regulatory responses aimed at improving transparency and resilience in crypto businesses. The key throughline remains clear: the strongest defense combines robust identity hygiene with a vigilant, AI-informed security posture that can detect and deter sophisticated social-engineering campaigns before they strike.
error code: 524
This article was originally published as Ripple, Kyobo Advance Tokenized Bond Settlement in South Korea on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.
A new class of crypto treasury companies is emerging around Strategy’s high-yield stock, STRC, drawing in firms looking to capture both exposure to bitcoin and additional income.
STRC is a security issued by Strategy, the largest publicly traded holder of bitcoin, as a funding vehicle to support its ongoing bitcoin accumulation strategy. The company raises capital by offering investors an annualized dividend of 11.5%, paid monthly in cash, with proceeds primarily used to purchase BTC.
Such is the stock’s popularity that it registered a record-breaking trading volume on Tuesday, with more than $1.6 billion in shares changing hands.
STRC, the new base layer
As trading volumes surge, a growing number of companies and decentralized finance protocols are accumulating STRC to capture its yield while gaining indirect exposure to bitcoin.
STRC is now being used as a base layer for new financial products that add leverage, tokenization and structured yield.
Saturn Credit, a bitcoin-backed yield platform, accumulated $15 million in STRC within six days of launch. Apyx, an onchain credit protocol, has built a position of 800,000 shares after purchasing an additional 200,000 STRC, with plans to become one of the largest holders.
BitStrategy is taking a similar approach. Co-founder and Head of US Ryan McGinnis said the firm aims to accumulate Strategy securities, with the long-term goal of becoming the world’s largest Strategy shareholder.
On-chain, nearly $200 million in tokenized STRC now exists on Ethereum, with close to $100 million trading on Pendle. Pendle is a decentralized finance platform that allows users to trade and separate yield from underlying assets, creating markets for future income streams.
Ex-dividend date pushes STRC below par value
During Wednesday’s pre-market trading, STRC dropped to $99.39, falling below its $100 par value, a reference price set by the company, often tied to how it issues new shares. This happened after the stock went “ex-dividend,” which means new buyers are no longer eligible to receive the upcoming dividend payment.
Because the price is now below $100, the company will temporarily stop selling new shares through its at-the-market (ATM) program.
Bitcoin price fell nearly 3% on Wednesday as investors booked profits following its sharp rally above $75,000 the previous day amid renewed hopes of U.S.-Iran peace talks.
Summary
- Bitcoin fell about 3% to an intraday low of $73,617 after a 7% rally the previous day, as traders took profits following the surge above $75,000.
- Market sentiment was influenced by renewed hopes of U.S.-Iran peace talks, though geopolitical uncertainty and delays in negotiations kept volatility elevated.
- Technical indicators remain bullish, with an ascending triangle pattern in play and key resistance near $76,000, while downside risk emerges below $72,000.
Bitcoin’s price fell today as investors booked profits following the sharp rebound yesterday. It is quite common for investors to take some profits, especially when such a sharp upside occurs after days of intense volatility amid geopolitical conflict situations.
The risk-off sentiment is not confined to Bitcoin and cryptocurrencies alone, as traditional safe-haven assets such as gold and silver have also fallen a bit today after crude oil prices moved up again following the sharp drop under $100 yesterday.
According to data from crypto.news, Bitcoin (BTC) price fell 3% to an intraday low of $73,617 on Wednesday after paring off some of its gains from the previous day when the bellwether rose 7% to nearly $76,000.
The rebound occurred amid renewed hopes of a more concrete ceasefire in place between the U.S. and Iran after reports emerged that Iran was ready to negotiate new terms regarding its nuclear program and maritime conduct.
Most recently, U.S. President Donald Trump told Fox News that the war is “close to over” after he hinted at a second round of face-to-face talks with Iran in Islamabad in the next two days. However, with Pakistan’s prime minister out of the nation till April 18, the talks could face some delays.
The diplomatic push follows after the U.S. initiated a naval blockade at the Strait of Hormuz to halt economic trade on all seaborne cargo going into and out of Iran.
The Iranian government had previously called the move state-sanctioned piracy, while they themselves implemented a controversial toll system in the area, reportedly to recoup losses for nearly $270 billion in direct and indirect damages on the nation since the start of the US-Israel war on Feb. 28.
Despite Bitcoin’s slight pullback today, its market structure continues to present a bullish bias for the coming sessions.
On the daily chart, Bitcoin’s price action has been forming an ascending triangle which is a bullish continuation pattern if the price breaks out above the resistance level. At press time, Bitcoin’s price action was hovering closer to the upper horizontal trendline of the pattern, which suggests that a decisive move by bulls could confirm the pattern.
Technical indicators further support this bullish outlook. Notably, the MACD lines have pointed upwards while the RSI bounced back from neutral threshold to 60, showing there is still room for further appreciation before hitting overbought territory.
Hence, the next key resistance for Bitcoin lies at $76,000. A break above the trendline could trigger a rally toward the $80,000 mark.
On the contrary, if Bitcoin price were to fall below $72,000, it could invalidate the current bullish setup and lead to a retest of support near $70,000.
Disclosure: This article does not represent investment advice. The content and materials featured on this page are for educational purposes only.
Societe Generale-FORGE, the digital asset arm of French banking giant Societe Generale, has integrated its Markets in Crypto Assets Regulation (MiCA)-compliant USD CoinVertible (USDCV) stablecoin into MetaMask, giving the wallet’s millions of users access to a regulated dollar token issued by a major European bank.
The company said in a release on Wednesday that under the partnership with Consensys, USDCV, which is backed by cash and cash-equivalent reserves and issued under French electronic money regulations, will be surfaced in MetaMask on mobile and web. The token is redeemable 1:1 in dollars and will be made available for functions including trading, decentralized finance interaction and fiat on-ramping, with Transak serving as the on-ramp provider.
The move expands access to one of the few dollar stablecoins issued by a major European bank. It also comes as regulated issuers seek to turn MiCA compliance into a commercial advantage by distributing tokens across widely used crypto platforms. SG-FORGE CEO Jean-Marc Stenger said the MetaMask rollout is intended to broaden access to compliant digital assets.
Under the European Union’s new framework, a growing but still relatively small pool of approved stablecoin issuers, with around 10 entities authorized so far, is competing for market share, making integrations with wallets like MetaMask increasingly important.
Consensys CEO Joseph Lubin said in the release that stablecoins are becoming a more important part of digital financial infrastructure.
Cointelegraph reached out to Societe Generale-FORGE and Consensys for comment but had not received a response by publication.
Related: ECB backs tokenized EU capital markets with strict guardrails
SG-FORGE expands multichain stablecoin strategy
SG-FORGE also issues EUR CoinVertible, a MiCA-compliant euro stablecoin first launched on Ethereum (ETH) in 2023. The token has since expanded as part of a multichain strategy to Solana, the XRP Ledger and Stellar, while USDCV is available on Ethereum and Solana and listed through several exchanges and partners, according to SG-FORGE.
The euro-denominated token has been part of broader efforts by Societe Generale-FORGE to test tokenized financial infrastructure, including participation in experiments involving tokenized bonds and settlement through blockchain networks.
Magazine: Singapore isn’t a ‘crypto hub’ — it’s something better: StraitsX CEO
Crypto World
EToro to acquire crypto wallet Zengo in $70 million deal to expand self-custodial services
EToro (ETOR) has agreed to acquire crypto wallet provider Zengo as it brings self-custody tools into its trading platform in a deal estimated at around $70 million.
The deal pairs eToro’s multi-asset investing network with Zengo’s non-custodial wallet, according to an announcement on Wednesday.
A non-custodial wallet allows users to custody their own funds by controlling the keys to the wallet directly.
Zengo uses multi-party computation, or MPC, to secure user funds without a seed phrase, a design meant to reduce common risks tied to lost or stolen keys.
EToro said the deal will help it support newer crypto use cases such as tokenized assets and decentralized markets, including prediction platforms and perpetual futures.
“As we often say, crypto downtimes are the time to build and this acquisition reflects that long-term approach,” said eToro’s co-founder and CEO Yoni Assia.
Zengo, founded in 2018, offers features including token swaps, staking and fiat onramps. It reports more than 2 million users globally. Its wallet will remain separate from eToro’s regulated services, with users interacting directly with third-party protocols, according to Wednesday’s announcement.
The acquisition is subject to closing conditions. An eToro spokesperson told CoinDesk terms of the deal aren’t being disclosed though Bloomberg reported it to be worth around $70 million.
Key Takeaways
- Wang Hao, Tesla China’s president, identified GigaShanghai as a critical facility for achieving large-scale Optimus production
- This represents the initial public confirmation from Tesla leadership regarding Shanghai’s involvement in humanoid robot assembly
- The Shanghai facility manufactured 851,000 vehicles during 2025, representing over half of Tesla’s worldwide production volume
- Tesla’s Fremont facility is simultaneously being repurposed for humanoid robot assembly operations
- Elon Musk’s compensation structure requires delivery of one million Optimus units before 2035
Tesla’s Chinese manufacturing powerhouse may expand beyond automotive production. On Tuesday, Wang Hao, president of Tesla China, revealed that the Shanghai Gigafactory possesses the capabilities to manufacture Optimus humanoid robots and could become instrumental in ramping up production volumes.
Wang described GigaShanghai as the “golden key” for overcoming mass production obstacles related to Optimus — representing the first instance of a Tesla executive publicly identifying Shanghai as a prospective robotics manufacturing location.
According to Wang, the facility can “shoulder important responsibilities in manufacturing all new products, including robots,” and he conveyed optimism about “welcoming the arrival of a new era of robots.”
Wang stopped short of clarifying whether Tesla plans to repurpose current Shanghai infrastructure or construct dedicated robotics facilities.
GigaShanghai stands as Tesla’s most expansive and efficient manufacturing operation. Throughout 2025, the plant delivered approximately 851,000 vehicles — accounting for 52% of the company’s worldwide production. During Q1 specifically, the facility’s deliveries jumped 23.5% compared to the previous year, reaching 213,398 vehicles and comprising 59.6% of Tesla’s quarterly global production.
The Shanghai operation currently manages both Model 3 and Model Y assembly for Chinese customers and international markets. Additionally, the facility launched Megapack battery production in the previous year, with targets set at 10,000 units per year.
Shanghai’s Strategic Manufacturing Advantages
The Chinese facility offers multiple strategic benefits for robotics production: cutting-edge automation systems, experienced labor force, and proximity to extensive supplier ecosystems. These elements align precisely with requirements for complex humanoid robot manufacturing at industrial scale.
Elon Musk has openly recognized the challenges inherent in scaling Optimus production. However, GigaShanghai’s established operational framework provides Tesla with significant foundational advantages.
Optimus represents Tesla’s vision for an accessible, functional humanoid robot — positioned at $20,000 to $30,000 price points. The robot operates on a 2.3 kWh battery system, features bipedal locomotion, reaches maximum speeds near 5 mph, and incorporates dexterous hands capable of precision manipulation.
Simultaneously, Tesla is transforming its Fremont manufacturing complex — previously the production home for Model S and Model X vehicles, both discontinued — into a specialized humanoid robot assembly center.
Musk’s recently approved compensation arrangement, potentially valued up to $1 trillion, hinges on achieving delivery of one million Optimus robots by 2035. This performance benchmark explains the accelerated push toward production scaling.
Competitive Landscape in Robotics
Musk has been candid regarding Tesla’s primary robotics competitor. During January’s earnings discussion, he identified China as “by far the biggest competition” in the humanoid robot sector, praising the nation as “incredibly good at scaling manufacturing.”
He further asserted that Tesla’s Optimus remains “much more capable than any robot we are aware of under development in China,” though recognizing advancements from competitors including XPeng, which targets 1,000 IRON robot units monthly and envisions one million yearly sales by 2030.
Government-backed manufacturers Changan and Chery are similarly pursuing humanoid robot development. Nio has adopted a more cautious approach, stating it will delay robotics investment until achieving consistent financial profitability.
Current Wall Street consensus rates TSLA as Hold, reflecting 13 Buy recommendations, 11 Hold ratings, and 6 Sell opinions across the most recent three-month period. Analysts’ average price target stands at $402.29, suggesting approximately 10.5% potential appreciation.
Key Highlights
- Taiwan Semiconductor posts Q1 2026 results April 16, prior to market open.
- Analysts project EPS at $3.30, representing 50%+ growth versus prior year, with revenue estimates at $35.35 billion.
- The chipmaker pre-announced Q1 sales of $35.76 billion, marking a 35% YoY increase and surpassing Wall Street predictions.
- Implied volatility from options indicates approximately 5% movement post-earnings.
- New street-leading target of $600 issued by Aletheia Capital, with unanimous Buy recommendations from seven monitored analysts.
Taiwan Semiconductor Manufacturing (TSM) prepares to unveil its first-quarter 2026 financial results this Thursday, April 16, during pre-market hours. The announcement carries significant weight across the semiconductor industry, reflecting TSMC’s position as the globe’s dominant foundry chipmaker.
Taiwan Semiconductor Manufacturing Company Limited, TSM
The foundry giant has already provided preliminary revenue data. Last Friday, TSMC disclosed first-quarter sales totaling 1.13 trillion New Taiwan Dollars—approximately $35.76 billion—representing a 35% year-over-year increase that exceeded Wall Street projections. This advance disclosure has established an optimistic backdrop for Thursday’s comprehensive earnings announcement.
Financial analysts anticipate earnings per share of $3.30, marking growth exceeding 50% compared to the same quarter in 2025. The revenue consensus stands at $35.35 billion, though the previously disclosed sales figure has already surpassed this threshold.
Wall Street Elevates Price Projections Before Results
Stefan Chang of Aletheia Capital established a fresh industry-leading price objective of $600, elevated from a previous $500 target, while reaffirming his Buy recommendation. Chang highlighted TSMC’s aggressive capacity buildout initiatives and accelerated deployment of cutting-edge chip packaging solutions. His analysis anticipates the majority of additional production capability becoming operational during 2027 and 2028, with immediate-term sequential revenue expansion projected between 8% and 10%.
Haas Liu from Bank of America similarly increased his price objective to NT$2,530 from NT$2,360, maintaining his Buy stance. Liu emphasized robust appetite for high-performance computing processors and artificial intelligence chips, forecasting Q2 revenue growth of 7% to 9% on a sequential basis.
Every analyst currently covering the stock—seven in total tracked by Visible Alpha—advises purchasing shares. The mean price target of $423.50 suggests potential appreciation of approximately 14.6% from present trading levels.
TSM shares have climbed more than 20% since the beginning of the year and have surged over 137% across the trailing twelve months.
Derivatives Market Anticipates ~5% Post-Earnings Movement
Options market activity indicates traders are preparing for TSMC stock volatility of roughly 4.83% to 5% in either direction following the quarterly disclosure. Using Monday’s closing price as a baseline, this positions the upward target near $386—approaching February peak levels—while the downside zone sits around $353.
Wedbush analysts observed Friday that the robust first-quarter sales performance reinforces sustained artificial intelligence demand trends. They additionally highlighted the figures as potentially favorable indicators for TSMC’s two largest clients, Nvidia (NVDA) and Apple (AAPL).
The company’s projected first-quarter earnings stand at 20.73 New Taiwan Dollars, equating to roughly 65 cents per American depositary share.
TipRanks assigns TSMC a Strong Buy consensus rating, derived from six Buy recommendations and one Hold rating issued within the past three months.
South Korean insurance giant Kyobo Life is moving to modernize its fixed-income operations through a new partnership with Ripple to tokenize government bonds.
Summary
- Kyobo Life Insurance has partnered with Ripple to implement a digital custody platform for tokenizing and settling South Korean government bonds.
- The collaboration utilizes blockchain technology to facilitate near real-time settlement cycles and reduce the risks associated with manual bond processing.
According to a company statement released Wednesday, the collaboration focuses on integrating Ripple Custody to manage the digital holding, transfer, and settlement of these assets.
The move signals an effort to transition away from traditional manual bond processing in favor of a blockchain-based infrastructure. By moving these transactions onto a digital ledger, the firms expect to collapse settlement times from the standard two-day period to nearly real-time execution.
Fiona Murray, Ripple’s managing director for Asia Pacific, noted that the partnership demonstrates that institutional-grade digital asset infrastructure is “available, proven, and ready to deploy in Korea today.”
Beyond bond settlement, the two companies are exploring the use of stablecoin-based payment rails. This secondary phase would facilitate 24/7 transaction capabilities, potentially lowering counterparty risks and helping the insurer manage capital more efficiently.
Ripple has maintained a steady pace of expansion across the Asia-Pacific region, leading up to this deal.
The firm recently moved to acquire BC Payments to obtain an Australian Financial Services License and partnered with Singapore’s central bank on the BLOOM initiative. The pilot uses the XRP Ledger and the dollar-pegged RLUSD stablecoin to test programmable cross-border trade settlements.
The utility of XRP is also seeing increased traction in the retail sector through a new integration with Japanese e-commerce leader Rakuten.
On Wednesday, Rakuten Wallet added XRP as both a tradable asset and a functional payment method.
Users in Japan can now convert Rakuten Points into XRP or use the cryptocurrency to fund Rakuten Cash balances for spending at various merchants.
Despite these infrastructure developments, XRP’s market price dipped 1.5% over the last day to $1.35, maintaining its position as the fifth-largest cryptocurrency with a market capitalization of roughly $83.2 billion.
Ethereum (ETH) has outperformed the broader market and all top-10 large-cap digital assets over the past month, gaining more than 12% amid war-driven macro volatility reshaping capital flows.
Several analysts have now pointed to three distinct signals that paint a bullish picture for Ethereum’s price heading into the second half of April.
Ethereum Record Network Activity Meets Depressed Prices
Leon Waidmann, head of research at Lisk, highlighted that the Ethereum mainnet recorded 3.62 million transactions on April 12. That figure marks the first time the network has processed more than 3 million transactions in a single day.
According to Waidmann, daily transactions have trended higher since November 2025. The baseline shifted from roughly 1.5 million to approximately 2.5 million over the past six months.
Combined with 284,000 new users in Q1 and a record stablecoin supply, these metrics point to sustained organic growth on Ethereum’s base layer.
Follow us on X to get the latest news as it happens
Meanwhile, staking infrastructure provider Everstake noted that ETH still trades more than 50% below its all-time high despite strong network activity. Thus, the price reflects a wide gap between network usage and market valuation.
“This creates a notable divergence, because network activity is at peak levels, while price has yet to fully reflect that strength. Historically, such gaps tend to narrow over time,” the post read. “Ethereum stands on one of the strongest foundations it has ever had – record usage, a deeply established ecosystem, and continuous progress in scaling and development. In many ways, this highlights a simple dynamic: price often follows fundamentals, not the other way around. And the fundamentals are already in place.”
Technical Indicators Flash Bullish Signals
On the technical side, analyst Crypto Patel pointed to the Ethereum Rainbow Chart, a logarithmic regression tool that maps long-term valuation bands. According to Patel,
“The Ethereum Rainbow Chart is saying one simple thing right now. It’s cheap. Not ‘okay to buy.’ Not ‘maybe wait.’ Not ‘hold and hope.’ Just cheap.”
He noted that ETH has only entered this band twice before, and both times it reached the upper “Take Profit” range within 18 months.
Separately, analyst Ash Crypto highlighted a confirmed weekly MACD bullish crossover. The Moving Average Convergence Divergence indicator tracks momentum shifts on longer timeframes.
According to Ash Crypto, the previous two weekly MACD crosses on ETH preceded rallies of 183% and 75%, respectively.
With ETH trading near $2,346 as of April 14, a 183% rally from current levels would place the asset around $6,639, while a 75% move would target approximately $4,105. Whether the current confluence of on-chain strength and technical signals translates into sustained price action will likely depend on broader macro conditions through Q2.
Subscribe to our YouTube channel to watch leaders and journalists provide expert insights
The post 3 Bullish Signals Suggest Ethereum May Be Undervalued in April appeared first on BeInCrypto.
A new social engineering scheme is leveraging the Obsidian note-taking app to deploy stealthy malware targeting cryptocurrency and finance professionals.
Summary
- Scammers are using LinkedIn and Telegram to trick crypto professionals into downloading malicious Obsidian plugins that deploy a remote access trojan.
- Elastic Security Labs discovered that the undocumented PHANTOMPULSE malware uses three different blockchain networks to receive commands and maintain persistence.
- Security researchers recommend that financial firms implement strict application-level plugin policies to prevent legitimate productivity tools from being exploited.
Elastic Security Labs released a report Tuesday detailing how attackers use “elaborate social engineering on LinkedIn and Telegram” to bypass traditional security by hiding malicious code within community-developed plugins.
The campaign specifically targets individuals in the digital asset space, capitalizing on the permanent nature of blockchain transactions. This vulnerability is particularly acute given that wallet compromises accounted for $713 million in stolen funds during 2025, according to Chainalysis data.
The infiltration begins with scammers posing as venture capital representatives on LinkedIn to initiate professional networking. These conversations eventually transition to Telegram, where the attackers discuss cryptocurrency liquidity solutions to build a “plausible business context.”
Once trust is established, targets are invited to access what is described as a company database or dashboard hosted on a shared Obsidian cloud vault.
Opening the vault serves as the initial access vector. The victim is directed to enable community plugin synchronization, which triggers the silent execution of trojanized software.
While the technical execution varies slightly between Windows and macOS, both paths result in the installation of a previously unknown remote access trojan (RAT) named PHANTOMPULSE.
This malware is designed to grant attackers full control over the infected device while maintaining a low profile to avoid detection.
PHANTOMPULSE maintains its connection to the attackers through a decentralized command-and-control (C2) system that spans three different blockchain networks.
By using on-chain transaction data tied to specific wallets, the malware can receive instructions without a central server.
“Because blockchain transactions are immutable and publicly accessible, the malware can always locate its C2 without relying on centralized infrastructure,” Elastic noted.
The use of multiple chains ensures the attack remains resilient even if one blockchain explorer is restricted. This method allows the operators to rotate their infrastructure seamlessly, making it difficult for defenders to sever the link between the malware and its source.
Elastic warned that by abusing Obsidian’s intended functionality, the hackers managed to “skirt traditional security controls entirely.”
The firm suggests that organizations operating in high-risk financial sectors should implement strict application-level policies for plugins to prevent legitimate productivity tools from being repurposed as entry points for theft.
Commuters welcome second year of Translink fare freeze
Taylor Frankie Paul Breaks Silence Over Avoided Charges
Rochelle Humes says ‘this is big’ as husband Marvin among supporters of latest move
![GTA 5 MONEY GLITCH... [NOT PATCHED]](https://wordupnews.com/wp-content/uploads/2026/04/1776247694_maxresdefault-80x80.jpg)
-
Politics5 days agoUS brings back mandatory military draft registration
-
Sports5 days agoMan United discover Nico Schlotterbeck transfer fee as defender reaches Dortmund agreement
-
Fashion5 days agoWeekend Open Thread: Veronica Beard
-
Politics5 days agoMalcolm In The Middle OG Turned Down ‘Buckets Of Money’ To Appear In Reboot
-
Politics3 days agoWorld Cup exit makes Italy enter crisis mode
-
Crypto World6 days agoCanary Capital Files SEC Registration for PEPE ETF
-
Business5 days agoTesla Model Y Tops China Auto Sales in March 2026 With 39,827 Registrations, Beating Cheaper EVs and Gas Cars
-
Crypto World2 days agoThe SEC Conditionalises DeFi Platforms to Be Avoided for Broker Registration
-
Crypto World2 days agoSEC Signals Exemption for Crypto Interfaces From Broker Registration
-
Crypto World7 days agoBitcoin recovers as US and Iran Agree a Ceasefire Deal
-
News Videos2 hours agoSecure crypto trading starts with an FIU-registered
-
NewsBeat2 days agoPep Guardiola and Gary Neville agree over Arsenal title problem that benefits Man City
-
Business5 days agoOpenAI Halts Stargate UK Data Centre Project Over Energy Costs and Copyright Row
-
Business4 days agoIreland Fuel Protests Enter Day 5 as Blockades Spark Shortages and Government Prepares Support Package
-
Politics5 days agoLBC Presenter Mocks Trump Over Iran War Failures
-
Crypto World4 days agoFederal judge blocks Arizona from bringing criminal charges against Kalshi
-
NewsBeat3 days agoJD Vance announces ‘no agreement’ with Iran over nuclear weapons fear
-
Tech5 days agoA version of Windows 10 released a decade ago is now eligible for additional security patches
-
Crypto World1 day agoSEC Proposes Certain Crypto Interfaces Don’t Need to Register as Brokers
-
NewsBeat1 day agoTrump and Pope Leo: Behind their disagreement over Iran war
You must be logged in to post a comment Login