Subj : This new macOS malware could leave you severely short-changed
To : All
From : TechnologyDaily
Date : Mon Nov 06 2023 19:15:04

Date: Mon, 06 Nov 2023 18:56:17 +0000
Description: North Korean hackers are after your crypto again, but this time they're targeting macOS users.

FULL STORY
======================================================================

The North Korean hacking collective Lazarus Group is back at it again, targeting blockchain engineers with advanced trojans capable of data exfiltration and remote code execution.

A report from researchers at Elastic Security describes a new attack that originated on Discord and targeted the cryptocurrency community. Using a simple social engineering strategy, the attackers try to convince the victim to download a file named Cross-platform Bridges.zip, thinking it's an arbitrage bot.

Arbitrage bots are usually legitimate pieces of code that allow users to automate buying crypto on one exchange and selling it on another where the price is slightly different. The differences in price are minuscule, but with automation and a hefty sum to get going, some people claim the bots work well. Usually, the bots can be purchased for tens of thousands of dollars.

State-sponsored threat actors

But obviously, the victims wouldn't be getting the bot. Instead, they'd get the KandyKorn malware, built for macOS and capable of a number of things, including gathering system information, listing directory contents, downloading and running files on the victim's endpoint, deleting files, killing processes, stealing files, and more.

The malware was built by the infamous Lazarus Group, the researchers allege, basing these claims on code and campaign overlaps with previous instances that were attributed to the North Koreans.

Lazarus is a known group, with strong ties to the North Korean government.
Allegedly, it was behind some of the biggest crypto heists in history, including the attack on the Ronin bridge, which left the protocol some $600 million short. The stolen money is being used to fund the North Korean government and its nuclear program, Western intelligence agencies claim.

This group is also well-known for running fake job schemes, tricking developers into downloading malware during the hiring process.

Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/this-new-macos-malware-could-leave-you-severely-short-changed

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)