Once that they had entry to Safe Wallet ??s process, they manipulated the user interface (UI) that shoppers like copyright personnel would see. They replaced a benign JavaScript code with code meant to change the intended desired destination in the ETH in the wallet to wallets managed by North Korean operatives. This destructive code would only g