Apple’s macOS has been targeted by a new malware, “KandyKorn”, linked to the North Korean Lazarus Group. The malware targets blockchain engineers of a cryptocurrency exchange and can retrieve data, load/download files, terminate processes, and manipulate directories. The Lazarus Group masquerades as community members on Discord channels to spread the malware, which is then activated by downloading a malicious zip file.
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking
