North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

State-sponsored threat actors from the Democratic People’s Republic of Korea (DPRK) have been discovered using Discord to target blockchain engineers of an unidentified cryptocurrency exchange company with a unique macOS malware known as KANDYKORN.

According to Elastic Security Labs, the activity dates back to April 2023 and shows similarities with the notorious adversarial collective Lazarus Group, an assessment based on an examination of the network architecture and methods employed.

“In order to obtain first access to the environment, threat actors enticed blockchain engineers with a Python application,” security experts Ricardo Ungureanu, Seth Goodwin, and Andrew Pease stated in a paper released today.

This intrusion involved multiple complex stages that each employed deliberate defense evasion techniques.
