Chinese hacker group allegedly stole $7 million in crypto assets via supply chain attacks

On-chain news reveals a Chinese hacker group allegedly stole $7 million in crypto through supply chain attacks, targeting platforms such as Trust Wallet. The group, linked to Wuhan Ansun Tech, exploited vulnerabilities in Electron clients and automated tools to extract mnemonics and scan multi-chain assets on Ethereum, BNB Chain, and Arbitrum. A profit-sharing dispute reportedly prompted plans to report the group to authorities. Real-world assets (RWA) news underscores growing risks within cross-chain ecosystems. The claims remain unverified, with investigations ongoing.

ChainThink reports that on March 17, the official WeChat account of the Cyber Investigation Institute revealed that a Chinese hacking group experienced internal conflict over a dispute regarding the division of stolen funds. A member publicly disclosed that the group had previously stolen approximately $7 million in crypto assets through a supply chain attack, targeting platforms including the crypto wallet Trust Wallet.


According to leaked information, the team operates publicly under the guise of a cybersecurity company called "Wuhan Anfen Technology," with declared services including vulnerability discovery, cyber attack and defense, and security solutions. However, internally, they engage in black-market activities such as cryptocurrency theft. Team members claim they exploit supply chain vulnerabilities in Electron clients, perform plugin reverse engineering, and use automated tools to bulk harvest mnemonic phrases and scan multi-chain assets across networks including Ethereum, BNB Chain, and Arbitrum.


The whistleblower stated that the team developed automated tools to bulk-scan mnemonic phrase assets, stole wallet data via remote control software, and then transferred and fragmented the funds. The alleged attacks reportedly involved 37 different tokens across multiple blockchain networks.


The exposure was triggered by an internal dispute over profit distribution. The whistleblower claimed they had a conflict with the team leader over unfair profit allocation and that, after their severance compensation went unpaid, they publicly released the relevant evidence and now plan to surrender to law enforcement authorities.


The related allegations have not yet been officially confirmed, and further investigation is needed to determine the details. Industry experts note that this incident once again highlights the security risks associated with cryptocurrency wallet supply chains and plugins, as well as the growing trend of targeted attacks against high-value users.
