North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

Using a unique macOS malware known as KANDYKORN, state-sponsored threat actors from the Democratic People’s Republic of Korea (DPRK) have been discovered using Discord to target blockchain engineers of an unidentified cryptocurrency exchange company. According to Elastic Security Labs, which cited an examination of the network architecture and methods employed, the activity, which dates back to April 2023, shows similarities with the notorious antagonistic collective Lazarus Group.

“In order to obtain first access to the environment, threat actors enticed blockchain engineers with a Python application,” security experts Ricardo Ungureanu, Seth Goodwin, and Andrew Pease stated in a paper released today.x000D “This intrusion involved multiple complex stages that each employed deliberate defense evasion techniques.”

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

01-Nov-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address