Security Incident: Post Mortem
Last week, one of the Zerion team member’s devices was compromised. This led to approximately $100K in stolen funds from internal company hot wallets. No user funds, Zerion apps or infrastructure were affected. We proactively took down the Zerion web app and it will be restored in the next 48 hours. Here's what happened and what we're doing about it.
What happened
Last week, a team member became a target for an AI-enabled social engineering attack linked to a DPRK threat actor, similar to those that have been investigated by SEAL.
This allowed the attacker to gain access to some of the team member’s logged-in sessions and credentials as well as private keys to company hot wallets used for testing and internal purposes.
Scope and impact
The total financial damage was approximately $100K of company funds held in several hot wallets.
Thanks to internal security policies and the Zerion team’s swift actions, …