A new crypter and loader named ASMCrypt, which is an “evolved version” of the DoubleFinger malware, is being sold on the dark web. Leveraging TOR networks, it enables users to build and covertly deliver payloads obscured in encrypted .PNG files. This technology can be used by cybercriminals to gain network access for ransomware attacks and data theft. Increasingly, threat actors are collaborating, evidenced by partnerships between groups like GuLoader and Remcos RAT. An information-stealing malware, Lumma Stealer, has also been observed in recent activity.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
