Cybercriminals are exploiting news of Ross Ulbricht’s pardon by U.S President Trump, duping users via a Telegram channel into running malware-infected PowerShell scripts. A disguised captcha or verification process leads users to download a PowerShell script and a ZIP file containing files like identity-helper.exe, a suspected Cobalt Strike loader used for remote access and launching ransomware or data theft campaigns. This comes after Ulbricht, founder of the infamous Silk Road dark web marketplace, was released from prison.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to