A Chinese hacker group operating under the guise of a legitimate cybersecurity firm allegedly stole 7 million dollars through wallet supply chain attacks targeting platforms like Trust Wallet. The operation was exposed after an internal dispute over profit sharing prompted a whistleblower to leak details of the group's illicit activities and technical methods.
The hacking collective operated publicly as Wuhan Anshun Technology, a firm claiming to specialize in network defense and vulnerability research. While maintaining this professional facade, the group allegedly conducted extensive gray-market operations that involved the systematic theft of mnemonic phrases. According to leaked internal information, the organization utilized automated tools to scan for high-value portfolios across various major networks including Ethereum, BNB Chain, and Arbitrum.
The technical core of the operation relied on weaponizing vulnerabilities within Electron-based clients and browser plugins. By combining supply chain exploits with reverse engineering and remote-access software, the group was able to exfiltrate sensitive wallet data directly from users. This allowed them to gain unauthorized access to digital assets without the immediate knowledge of the victims or the service providers.
Once the data was harvested, the group reportedly drained funds across thirty-seven different token types and multiple blockchain ecosystems. To avoid detection by security analysts and law enforcement, the stolen assets were laundered through a series of complex transfers and splitting techniques designed to obscure the original source of the wealth. This sophisticated financial layering allowed the group to move millions of dollars in digital currency while operating in the shadows.
The downfall of the operation came not from external security measures, but from internal friction regarding the distribution of the stolen loot. An operator within the group became disgruntled over unpaid severance and perceived unfairness in how the profits were allocated among members. This individual eventually turned whistleblower, releasing the internal documents and evidence that linked the corporate entity to the multimillion-dollar crypto thefts.
Despite the sophisticated nature of the supply chain attacks, the exposure highlights the persistent risk of insider threats and the fragility of criminal enterprises. The leak has provided a rare look into how state-adjacent or corporate-fronted entities can exploit the very software users trust to secure their financial assets. The situation remains a stark reminder for crypto users to verify the integrity of their wallet plugins and maintain rigorous security protocols.
Source: China-Linked Hackers Steal $7M in Crypto via Wallet Supply Chain Attacks



