Ripple shares internal data on North Korean hacks to boost crypto industry security.

Ripple has started sharing detailed threat intelligence on North Korean hacking groups with Crypto ISAC to help crypto firms detect and prevent insider-driven attacks. This follows a shift from exploiting code vulnerabilities to long-term infiltration tactics, as seen in the Drift case where attackers gained trust over months to bypass security without triggering alerts. Ripple's data includes domains, wallet addresses, and personal identifiers linked to coordinated attacks, enhancing real-time threat response across the crypto ecosystem. Legal disputes are also emerging over stolen assets linked to these attacks, highlighting the growing impact of such cyber threats.