North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP file. The victims believe they are installing an arbitrage bot, i.e., crypto trading software, but they end up downloading a Python file (Main.py), which downloads and executes Watcher.py, which is used for staging … More
The post KandyKorn macOS malware lobbed at blockchain engineers appeared first on Help Net Security.