A piece of malware targeting the crypto community and engineers has been discovered on Apple's macOS system

2023-11-03 20:07:13

ChainCatcher news: according to Cointelegraph, a new type of malware called "KandyKorn", linked to the North Korean hacker group Lazarus, has been discovered on Apple's macOS system, targeting the crypto community and engineers.

According to analysis by Elastic Security Labs, "KandyKorn" is a stealthy backdoor capable of data retrieval, directory listing, file upload/download, secure deletion, process termination, and command execution.

Initially, the attackers impersonated community members through Discord channels to spread a Python-based module. Social engineering attacks lured community members into downloading a malicious ZIP archive named "Cross-platform Bridges.zip," which mimicked an arbitrage bot designed for automatic profit. However, the file imported 13 malicious modules that worked together to steal and manipulate information.
