The J-magic malware campaign stealthily targeted Juniper enterprise-grade routers, turning them into points of entry to corporate networks. Operating from mid-2023 to mid-2024, targets included semiconductor, energy, manufacturing, and IT sectors. The malware renamed itself to blend in, then awaited a “magic packet” from the cyber attacker to open a backdoor. Lumen’s Black Lotus Labs detected the increasing trend of “magic packet” malware, highlighting difficulty in detection and increasing awareness of this technique.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to