State-sponsored hackers believed to be from North Korea have attempted to infect the systems of blockchain engineers with new macOS malware. Security researchers from Elastic discovered that the attempts to spread the malware, named Kandykorn, began on Discord. Impersonating blockchain community members, the hackers directed victims to download a ZIP file containing the malware, disguised as a cryptocurrency bot. Kandykorn can monitor and interact with infected systems and avoid detection. It runs on command-and-control servers used by the Lazarus Group.
FBI removed PlugX malware from U.S. computers
The FBI, in collaboration with international partners, successfully deleted “PlugX” malware from infected computers globally. The Chinese government-funded hacking group, “Mustang Panda,” that used a