VECStake Live - Claude Coded the Attack: North Korean Hackers Weaponize AI Against Crypto Traders

 May 01, 2026 | VECS News

Cybersecurity researchers have uncovered a chilling new chapter in North Korea's digital heist playbook. The state-backed hacking group Famous Chollima successfully injected malicious code generated by Anthropic's Claude Opus AI model into an open-source cryptocurrency trading project called openpaw-graveyard. The malware codenamed PromptMink now steals wallet credentials and system keys from anyone who installs the compromised package .

The breach occurred through a seemingly routine software update on February 28 2026. A developer working on openpaw-graveyard an autonomous AI agent that trades crypto on Solana and creates on-chain social identities approved a pull request co-authored by Claude Opus. The request added a new dependency called @validate-sdk/v2. No one noticed that this package was actually a sophisticated piece of credential-harvesting malware designed to plunder cryptocurrency wallets .

What makes this attack particularly alarming is how the hackers executed their strategy. Famous Chollima deployed a two-layer deception technique that proved especially effective against AI coding assistants. The first layer packages such as @solana-launchpad/sdk and @meme-sdk/trade contained no malicious code at all. These acted as bait establishing credibility within the npm ecosystem. The second layer packages hidden as dependencies carried the actual malware payload. When security researchers reported and removed one malicious package the hackers simply published a replacement on the same day using identical version numbers .

The malware has evolved significantly since its first appearance in September 2025. Early versions were simple JavaScript-based info stealers scanning for .env and .json files. Later iterations grew to 85MB Node.js single executable applications. The current version consists of compiled Rust payloads specifically designed to evade detection. Once installed PromptMink searches for crypto wallet configuration files, steals credentials, compresses entire project source codes for exfiltration, and drops SSH keys on Linux and Windows machines to establish permanent remote access .

The financial impact has been devastating. Security firm Expel tracked a related North Korean operation called HexagonalRodent which stole approximately $12 million worth of cryptocurrency in just three months using similar AI-assisted techniques. The hackers specifically targeted Web3 developers and small crypto projects people who hold significant funds but lack the enterprise-grade security infrastructure of major exchanges .

Marcus Hutchins the security researcher famous for disabling the WannaCry ransomware worm offered stark commentary on what this means for the industry. "These operators don't have the skills to write code. They don't have the skills to set up infrastructure. AI is actually enabling them to do things that they otherwise just would not be able to do," Hutchins told WIRED. He noted that the AI-generated malware contained emojis and excessively verbose comments classic fingerprints of vibe-coded software that most human programmers would never produce .

Michael Barnhart a researcher at DTEX who has tracked North Korean cyber operations for years described the situation as a fundamental shift in the threat landscape. "North Korea is using AI as a force multiplier and it is helping with every aspect building resumes building websites building exploits testing vulnerabilities and they're doing it at speed and scale," Barnhart said. The country has reportedly established Research Center 227 under its military Reconnaissance General Bureau specifically to develop AI-focused hacking tooling .

For cryptocurrency investors the implications extend beyond immediate financial losses. The KelpDAO exploit which cost the DeFi sector $293 million in April 2026 has already been preliminarily linked to North Korean Lazarus Group operations. Combined with the PromptMink supply chain attack a pattern emerges. North Korea is systematically industrializing its crypto theft operations using AI to lower the skill barrier and scale attacks across thousands of potential victims simultaneously .

Jefferies analyst Andrew Moss warned that these attacks may force traditional financial institutions to rethink their blockchain adoption timelines. "TradFi tokenization initiatives are proliferating but the exploit and its cascading implications could temporarily slow TradFi adoption as security risks are re-evaluated," Moss wrote. Banks and asset managers were already cautious about DeFi infrastructure. The discovery that AI agents can be tricked into installing malware will not accelerate their timelines .

The open-source community now faces an uncomfortable truth. AI coding assistants are becoming attack vectors rather than just productivity tools. ReversingLabs researcher Vladimir Pezo explained that Famous Chollima specifically designed its malicious packages to appeal to LLM optimization. The hackers wrote unusually detailed documentation for their fake packages knowing that AI agents would read those descriptions and recommend the packages without suspicion. In some cases the AI models even helped audit the malware to ensure it would not be detected by other AI security tools .

The bottom line for crypto investors is sobering. The same AI tools that promised to democratize software development have now been weaponized by one of the world's most aggressive state-sponsored hacking campaigns. Every developer who uses AI coding assistants is a potential entry point. Every npm package is a potential trap. Until the industry develops robust verification mechanisms for AI-generated code the supply chain will remain dangerously exposed. North Korea has already figured this out. The rest of the world is just beginning to catch up.