[adrotate group="2"]

SHOCKING EXPOSÉ: North Korean Hacker Takes Over Waves Protocol!

A DEVASTATING BREECH UNVEILED! Just when we thought North Korea was simmering down, an explosive report reveals a rogue developer has infiltrated the Waves Protocol’s Keeper-Wallet codebase! And guess what? This cyber-sneak is allegedly from the DPRK!

The Mysterious “AhegaoXXX” Strikes Again!

Scanning the digital landscape for suspicious activity on GitHub is all in a day’s work, and what do we find? The mysterious account “AhegaoXXX” has been pushing unauthorized updates to Keeper-Wallet! It’s like the plot of a tech thriller gone wrong—except this is REALITY!

RISING ALARM: Code Changes That Spell TROUBLE!

Despite no credible activity since August 2023, something sinister began brewing in May 2025. The analyses revealed that this account has the power to manipulate branches, create releases, and even publish to the crucial Node Package Manager (NPM) registry! Talk about a hostile takeover—this rogue operator has been given the keys to the kingdom!

Undercover Connection: DPRK’s IT Zombie Army!

This isn’t just a random hacker—oh no! Reports suggest “AhegaoXXX” is tied to a network of DPRK IT operatives known for infiltrating software projects via freelance channels. The implications? A sophisticated scheme that’s both chilling and mind-boggling!

Suspicious Code Alert!

Heads up! One alarming commit found within the “Keeper-Wallet/Keeper-Wallet-Extension” adds a function that could leak wallet logs and runtime errors to an external database! This malevolent code could easily siphon off mnemonic phrases and private keys. The code hasn’t been merged—yet. But its presence screams INTENT to breach your digital safety!

The Sleeping Giant Awakes: NPM Packages Go Live!

Just when you thought it was quiet for years, the NPM registry now shows those packages like “@waves/provider-keeper” and “@waves/waves-transactions” suddenly springing to life! All eyes are on “msmolyakov-waves,” linked to a former engineer whose credentials might have fallen into malicious hands!

Unbelievable: Supply-Chain in Jeopardy!

The audacity of this pivot from simple freelancing to direct repository control is nothing short of jaw-dropping! This unprecedented “cross-over” between honest contract work and a blatant hacking spree is alarming! If you’re a Waves user, beware—the very wallet you trust could be spilling your secrets to a dangerous server!

Time for a Reality Check: Protect Your Code!

The report sounds a clarion call! Development teams need to tighten their defenses! Audit contributor privileges, sanitize inactive GitHub members, keep a close watch on who releases packages, and don’t let rogue redirects slip under the radar!

Regular reviews of publisher email domains are now a MUST to spot dormant accounts that could unleash chaos.

This isn’t just tech news—this is a wake-up call! Buckle up, because the cyberwar is just heating up!