Atlas Cybersecurity summarizes ClearSky reporting on CryptoCore, a cryptocurrency exchange theft group active since at least 2018. The group primarily targeted exchanges and related companies in the United States and Japan through reconnaissance and spear phishing, with thefts assessed at roughly $70 million. The article describes attempts to reach exchange wallets through executives' personal accounts or corporate email, followed by supply chain style access against organizations connected to the target exchanges; it does not attribute the activity to DPRK or Lazarus.