
Tron in Trouble? ‘Glaring Divergence’ Flagged Behind TRX’s Latest Surge
Tron’s TRX has surged over 23% but faces potential correction risks due to declining on-chain activity.

Ripple is sharing threat intelligence on North Korean hackers with the crypto industry, following $577 million in cryptocurrency thefts in 2026. This initiative aims to enhance security by providing insights into known fraud domains and active hacking campaigns.
Mentioned in this story
The strongest security posture in crypto is a shared one.
A threat actor who fails a background check at one company will apply to three more that same week. Without shared intelligence, every company starts from zero.
Ripple is now contributing exclusive DPRK threat…
— Ripple (@Ripple) May 4, 2026 Ripple's threat intelligence includes enriched profiles of suspected North Korean IT workers trying to embed themselves inside crypto firms, covering domains, wallets, and indicators of compromise. “What makes this different from a typical threat feed isn't just the data, it's the contextual enrichment from a security team with deep expertise of the threat actors impacting the crypto ecosystem,” Spring added. The intelligence sharing comes as North Korean operatives shift tactics from quick technical exploits to patient social engineering campaigns. In the Drift hack, attackers spent months befriending the platform's contributors before slipping malware onto their machines and stealing the keys. The employed a different approach, two internal RPC nodes and launching DDoS attacks against external nodes to feed false data to LayerZero Labs DVN. Just a “handful of attributed incidents” including the KelpDAO and Drift hacks accounted for in 2026 through April, according to intelligence firm TRM Labs. Security experts warn that North Korea's recent crypto attacks represent a fundamental shift in threat modeling across the crypto space. Natalie Newson, senior blockchain security researcher at CertiK, last month that Lazarus Group’s elevated activity level is raising concerns among the industry. "KelpDAO, Drift, and now a new macOS malware kit, all within the same month,” she said, adding that, “This isn't random hacking; it's a state-directed financial operation running at a scale and speed typical of institutions." The severity of the April attacks immediate industry responses. The Arbitrum Security Council over 30,000 ETH of the attacker's downstream funds after the KelpDAO exploit on April 20, demonstrating the ecosystem's growing ability to coordinate defensive measures. However, the response has caused some friction in the community, with Aave yesterday in federal court asking for the $71 million in funds frozen by Arbitrum to be unblocked, arguing that the money belongs to its users rather than the hackers. The intelligence sharing initiative reflects a broader industry shift toward collaborative security measures, Justine Bone, Executive Director of Crypto ISAC, said. “For too long, information sharing was seen as optional. Today, it is the gold standard for security," Bone noted, calling Ripple’s collaboration, “the definitive proof of concept.”
North Korean hackers have stolen $577 million in cryptocurrency so far in 2026.
The Drift exploit involved North Korean hackers stealing $285 million through a social engineering campaign targeting company employees.
Ripple is sharing intelligence that includes domains, wallets associated with fraud, and indicators of compromise from active North Korean hacking campaigns.
North Korean attacks represent a significant shift in threat modeling, accounting for 76% of all crypto hack losses in 2026 from just a few incidents.

Tron’s TRX has surged over 23% but faces potential correction risks due to declining on-chain activity.

Circle launches Arc blockchain with $3 billion valuation and $222 million presale

Google's Threat Intelligence Group reported that hackers used AI to create a zero-day exploit that bypasses two-factor authentication in a popular web tool. This marks the first confirmed instance of AI-assisted zero-day development in the wild.

XRP whales are under fire for allegedly manipulating liquidity in the market. What does this mean for investors?

Bipartisan agreement reached to strengthen law enforcement in crypto regulation.

Solana's Alpenglow upgrade has begun community testing ahead of a full rollout, expected by Q3 or Q4.
See every story in Crypto — including breaking news and analysis.