Once that they had entry to Safe Wallet ?�s process, they manipulated the consumer interface (UI) that clients like copyright staff members would see. They replaced a benign JavaScript code with code designed to change the supposed destination on the ETH within the wallet to wallets managed by North Korean operatives. This malicious code would o