North Korean hackers believed to be part of the state-sponsored group Lazarus are reportedly targeting blockchain engineers’ Apple devices with advanced malware named Kandykorn to steal cryptocurrency. The malware is disguised as a crypto arbitrage bot in a Python app delivered via a popular public Discord server. The hackers are then able to access and exfiltrate data. The campaign began in April and remains ongoing, according to cybersecurity firm Elastic Security Labs.

Mustang Panda Uses Signed Kernel Driver to Install TONESHELL Backdoor – The Hacker News


