Lazarus Group Targets Crypto Engineers with Stealthy MacOS Malware

Apple's MacOS is the latest victim of cybersecurity threats, with blockchain specialists on a cryptocurrency platform being the prime targets.

Upon meticulous research, Elastic Security Labs unveiled the workings of malware "KandyKorn," which is linked to the North Korean Lazarus Group. This malware can not only extract data but also manage files, cancel processes, and initiate commands on an infiltrated system. 

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is Curve Finance in Crypto? (Animated Explanation)

SUBSCRIBE

ON YOUTUBE

According to Elastic Security Labs, the attacks began on the popular Discord platform, where attackers camouflaged themselves as genuine community members. Using this cover, they distributed a deceptive file, purportedly an arbitrage bot for cryptocurrency, which is, in reality, packed with harmful files.

One significant detail from the analysis highlighted the hacker group's ever-evolving tactics, revealing that malicious actors adopted a previously unseen method, called "flow hijacking," to maintain a lasting presence on MacOS.

For the Lazarus group, the appeal of the cryptocurrency world seems to stem from its lucrative nature. Thus, the unveiling of "KandyKorn" proves that even robust platforms like MacOS can't always evade the advanced and concealed techniques of seasoned hackers.

Another incident in the crypto sphere that underscores the urgency of heightened security was the vulnerability of Unibot. This widely-used Telegram bot facilitates trades on Uniswap but fell prey to an exploit. This vulnerability led to a significant nosedive in the token's price, plummeting by 40% in just 60 minutes.

As a gesture of goodwill and responsibility, Unibot has pledged to offset the losses of the impacted users.

The events surrounding KandyKorn and Unibot serve as cautionary tales for the crypto community. As cyber threats constantly evolve, security protocols must be a step ahead to safeguard user interests and assets.

Gile K., Market Sentiment Analyst

Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Full Bio

All Expert Contributors & Analysts