Board India
Re: CoinDCX got hacked! $44.2M Drained?
by ritik8288 on 17/08/2025, 16:04:15 UTC
The oldest technique in the book by which companies always get hacked:

1) The person will pinpoint a crypto company which probably lacks good security or is not properly educating the person who has access to the VPN with admin privileges; if not, then KRBTGT or TGT, or obtain the TGT for any account that has the "Do not require Kerberos preauthentication" setting enabled, or Kerberoasting


2) Target a person with a sensitive role in the company by offering him quick money-earning scheme jobs

3) Infect him with ScreenConnect + signed by an EV cert, or any other form of infection method, which are plenty for targeted attacks, such as the meetings calendar etc.

4) After infection, just sit and watch his screen and learn what exactly he does on his PC by HVNC

5) If u are low on budget for purchasing the EV cert for signing the file or any other infection method, people usually end up getting phished (which I doubt happened in this case)

Using stolen credentials, the attacker accesses the corporate email or VPN, or by any privately written malware for this purpose

From there, they move laterally inside the network, escalate privileges, and exfiltrate data.


Just be smart and keep ur funds on a Ledger (not your keys, not ur wallet)
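
A defensive check for the two Kerberos exposures the post names, as an added example that is not part of the original post: it reads an LDIF export of user objects and lists enabled accounts that have "Do not require Kerberos preauthentication" set or that carry a service principal name. The sample export, the domain and the account names are constructed, and the function names are hypothetical.

```python
# userAccountControl bits (documented Active Directory flag values)
ACCOUNTDISABLE = 0x0002
DONT_REQ_PREAUTH = 0x400000  # "Do not require Kerberos preauthentication"
# Constructed sample export; domain and account names are hypothetical.
SAMPLE_LDIF = """\
dn: CN=alice,OU=Staff,DC=example,DC=test
sAMAccountName: alice
userAccountControl: 512

dn: CN=legacy-app,OU=Service,DC=example,DC=test
sAMAccountName: legacy-app
userAccountControl: 4194816

dn: CN=svc-sql,OU=Service,DC=example,DC=test
sAMAccountName: svc-sql
userAccountControl: 66048
servicePrincipalName: MSSQLSvc/db01.example.test:1433

dn: CN=old-svc,OU=Service,DC=example,DC=test
sAMAccountName: old-svc
userAccountControl: 4194818
servicePrincipalName: HTTP/old.example.test
"""

def parse_ldif(text):
    """Parse plain 'attr: value' LDIF (no base64 or folded lines) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep and not line.startswith("#"):
                entry.setdefault(key.lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def audit(entries):
    """Return {account: [findings]} for enabled accounts only."""
    findings = {}
    for e in entries:
        uac = int(e.get("useraccountcontrol", ["0"])[0])
        if uac & ACCOUNTDISABLE:
            continue  # skip disabled accounts
        issues = [tag for tag, hit in (("preauth-not-required", uac & DONT_REQ_PREAUTH),
                                       ("has-spn", "serviceprincipalname" in e)) if hit]
        if issues:
            findings[e.get("samaccountname", ["?"])[0]] = issues
    return findings
if __name__ == "__main__":
    print(audit(parse_ldif(SAMPLE_LDIF)))
```

Accounts flagged `preauth-not-required` should have the setting cleared unless a legacy client needs it, and accounts flagged `has-spn` are candidates for long random passwords or managed service accounts.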