{"id":89806,"date":"2025-10-10T17:37:09","date_gmt":"2025-10-10T14:37:09","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=89806"},"modified":"2025-10-10T17:41:14","modified_gmt":"2025-10-10T14:41:14","slug":"hackers-target-czs-google-account","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hackers-target-czs-google-account\/","title":{"rendered":"Hackers Target CZ&#8217;s Google Account"},"content":{"rendered":"<p>Binance founder Changpeng Zhao (CZ) has reported an attempted breach of his Google account. The entrepreneur suggested that hackers from the <a href=\"https:\/\/forklog.com\/en\/news\/lazarus-group-what-we-know-about-the-outfit-suspected-of-the-bybit-hack\">Lazarus Group<\/a> might be involved.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">I get this warning from Google once in a while. Does anyone know what this is? North Korea Lazarus?<\/p>\n<p>Not that I have anything important on my account. But stay SAFU. \ud83d\ude4f <a href=\"https:\/\/t.co\/FCTIrcQG2C\">pic.twitter.com\/FCTIrcQG2C<\/a><\/p>\n<p>\u2014 CZ \ud83d\udd36 BNB (@cz_binance) <a href=\"https:\/\/twitter.com\/cz_binance\/status\/1976508825227157887?ref_src=twsrc%5Etfw\">October 10, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;I get this warning from Google once in a while. Does anyone know what this is? North Korea Lazarus? Not that I have anything important on my account,&#8221; he wrote.\u00a0<\/em><\/p>\n<\/blockquote>\n<p>According to the warning, &#8220;government-backed attackers&#8221; attempted to steal CZ&#8217;s password.<\/p>\n<p>Users <a href=\"https:\/\/x.com\/GoPlusSecurity\/status\/1976547785949557054\">shared<\/a> a link to a <a href=\"https:\/\/security.googleblog.com\/2017\/03\/reassuring-our-users-about-government.html\">Google security blog post<\/a> concerning such notifications. The warning &#8220;does not necessarily mean that the account has been compromised or that a widespread attack is occurring.&#8221;\u00a0<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;Rather, it reflects our assessment that an attacker might have attempted to access the user&#8217;s account or computer through phishing or malware. More about these warnings can be read here,&#8221; the text states.\u00a0<\/em><\/p>\n<\/blockquote>\n<h2 class=\"wp-block-heading\">Lazarus and the Crypto Industry\u00a0<\/h2>\n<p>According to Elliptic, North Korean hackers have <a href=\"https:\/\/forklog.com\/en\/news\/north-korean-hackers-steal-2-billion-in-crypto-assets-in-2025\">stolen<\/a> a record $2 billion in digital assets since the beginning of 2025. The total known damage from North Korean attackers has exceeded $6 billion.<\/p>\n<p>The majority of losses were incurred by the <a href=\"https:\/\/forklog.com\/en\/news\/life-after-bybit\">Bybit exchange<\/a>, which lost $1.4 billion in February.\u00a0<\/p>\n<p>In mid-September, Zhao <a href=\"https:\/\/forklog.com\/en\/news\/cz-warns-of-imposter-employees-threat-from-north-korea\">warned<\/a> of the threat posed by &#8220;fake employees&#8221; from North Korea. According to him, local hackers are &#8220;advanced, creative, and patient.&#8221;\u00a0<\/p>\n<p>The former head of Binance stated that he has encountered them personally on multiple occasions. The attackers often pose as job candidates to secure positions within companies.\u00a0<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;They particularly like positions in development, security, and finance,&#8221; CZ added.<\/em><\/p>\n<\/blockquote>\n<p>Previously, researchers from Cisco Talos <a href=\"https:\/\/forklog.com\/en\/news\/north-korean-hackers-target-crypto-job-seekers-with-fake-interviews\">confirmed<\/a> that North Korean hackers targeted job seekers in the crypto industry through fake interviews. In June, the Kraken exchange team <a href=\"https:\/\/forklog.com\/en\/news\/kraken-uncovers-north-korean-spy-among-job-applicants\">identified<\/a> a North Korean spy among developer job applicants.\u00a0<\/p>\n<p>Meanwhile, on-chain investigator ZachXBT <a href=\"https:\/\/forklog.com\/en\/news\/zachxbt-challenges-the-myth-of-north-korean-hackers-genius\">believes<\/a> that the issue is not the &#8220;brilliance&#8221; of North Korean cybercriminals. In his view, the root cause is ordinary negligence. Most attacks can be prevented with minimal checks, the expert noted.\u00a0<\/p>\n<h2 class=\"wp-block-heading\">CZ and Meme Coins<\/h2>\n<p>CZ&#8217;s tweets about meme coins have garnered more interest from users. On October 8, the entrepreneur <a href=\"https:\/\/forklog.com\/en\/news\/cz-heralds-memecoin-season-on-bnb-chain\">announced<\/a> the start of a &#8220;funny coins&#8221; season on BNB Chain, which many traders took as a call to action. The excitement was short-lived.\u00a0<\/p>\n<p>The very next day, CZ stated that his messages should not be considered trading signals.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Good advice \ud83d\udc47<\/p>\n<p>For a brief time, I tried avoiding meme related content in my tweets. Impossible. Too many memes exist, and it made my writing unnatural.<\/p>\n<p>Now I just tweet normally, any overlap to memes is coincidental, not endorsement. <a href=\"https:\/\/t.co\/5AaxuGPGZT\">https:\/\/t.co\/5AaxuGPGZT<\/a><\/p>\n<p>\u2014 CZ \ud83d\udd36 BNB (@cz_binance) <a href=\"https:\/\/twitter.com\/cz_binance\/status\/1976043768219656235?ref_src=twsrc%5Etfw\">October 8, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;I tried avoiding memes in tweets, but it&#8217;s impossible \u2014 there are too many, and it made my posts unnatural. Now I write as usual: any overlap with memes is coincidental and not an endorsement,&#8221; he wrote.\u00a0<\/em><\/p>\n<\/blockquote>\n<p>Soon after, the prices of many meme coins on BNB Chain plummeted. The price of the boom&#8217;s leader \u2014 a token with the ticker 4 \u2014 fell by more than 24% in the past day, according to <a href=\"https:\/\/dexscreener.com\/\">DEX Screener<\/a>.\u00a0<\/p>\n<p>The native cryptocurrency of the ecosystem \u2014 BNB \u2014 <a href=\"https:\/\/ru.tradingview.com\/chart\/?symbol=BINANCE%3ABNBUSDT\">corrected<\/a> to $1200 after reaching a historic high <a href=\"https:\/\/forklog.com\/en\/news\/bnb-surpasses-xrp-in-market-capitalisation-reaches-1300\">above $1300<\/a>.\u00a0<\/p>\n<p>Earlier, as the price of the Binance-linked token surged, CZ&#8217;s wealth <a href=\"https:\/\/forklog.com\/en\/news\/czs-wealth-valued-at-89-billion-he-disagrees\">exceeded<\/a> $89 billion. Zhao climbed to the 21st spot on Forbes&#8217; billionaire list.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Binance founder Changpeng Zhao reported an attempted breach of his Google account. He suggested involvement by Lazarus Group hackers.<\/p>\n","protected":false},"author":1,"featured_media":89807,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Binance founder suggested Lazarus Group involvement.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1307,935,44,738],"class_list":["post-89806","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-bnb-chain","tag-changpeng-zhao","tag-cybercrime","tag-google"],"aioseo_notices":[],"amp_enabled":true,"views":"136","promo_type":"1","layout_type":"1","short_excerpt":"Binance founder suggested Lazarus Group involvement.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/89806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=89806"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/89806\/revisions"}],"predecessor-version":[{"id":89808,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/89806\/revisions\/89808"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/89807"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=89806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=89806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=89806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}