On February 21, 2025, when copyright employees went to approve and sign a routine transfer, the UI confirmed what gave the impression to be a legitimate transaction Together with the supposed location. Only after the transfer of money on the hidden addresses established from the malicious code did copyright workers understand some thing was amiss.