"North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware"

State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been targeting blockchain engineers of an unnamed cryptocurrency exchange platform through Discord with macOS malware named KANDYKORN. According to Elastic Security Labs, the activity dating back to April 2023 overlaps with Lazarus Group, based on an analysis of the network infrastructure and techniques used. Researchers reported that the threat actors used a Python application to lure blockchain engineers in order to gain initial access to the environment. This article continues to discuss DPRK threat actors targeting blockchain engineers with KANDYKORN macOS malware.

THN reports "North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware"

Submitted by grigby1
 

Submitted by Gregory Rigby on