Ripple Shares North Korean Threat Intelligence with Crypto Industry

Ripple, a leading player in the cryptocurrency space, has made a significant move to enhance the security of the industry by sharing its internal threat intelligence on North Korean hackers. The company announced that it will be providing this information through Crypto ISAC, a not-for-profit cybersecurity organization.

The shared data includes enriched profiles of suspected North Korean IT workers trying to embed themselves in crypto firms, as well as domains and wallets associated with fraud and indicators of compromise from active DPRK hack campaigns. This move is seen as a significant step towards collaborative security measures, where the strongest security posture is achieved through shared information.

The shift in tactics by North Korean operatives from quick technical exploits to patient social engineering campaigns has raised concerns among industry experts. Recent hacks, such as the KelpDAO and Drift attacks, have highlighted the need for better coordination and sharing of threat intelligence. The severity of these incidents has triggered an immediate response from the industry, with the Arbitrum Security Council freezing over 30,000 ETH of the attacker's downstream funds.