Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
Gate MCP
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 30+ AI models, with 0% extra fees
Recently, a significant data leak was detected. ZachXBT just announced information about an internal payment server of a North Korean IT team being compromised, with over 390 accounts exposed along with all chat histories and crypto transaction data.
What caught my attention the most is the scale of the money transfers. From late November last year to now, the related wallet addresses have moved more than $3.5 million. Notably, the USDT wallet addresses on the Tron network were transferred through exchanges or converted into fiat via platforms like Payoneer, then deposited into Chinese bank accounts.
Looking at on-chain data, there is an interesting detail. One of the USDT addresses on Tron was blacklisted by Tether in December. This indicates that Tether is also monitoring this situation. Additionally, three companies in the user list have been sanctioned by OFAC, including Sobaeksu.
ZachXBT compiled the entire organizational chart and data scope from December last year to February this year. This is a typical example of how IT groups associated with sanctioned regimes still attempt to launder money through crypto channels. Security analysts should pay attention to these patterns to detect similar activities early in the future.