KandyKorn macOS malware lobbed at blockchain engineers | allinfosecnews.com

Nov. 3, 2023, 12:34 p.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP file. The victims believe they are installing an arbitrage bot, i.e., crypto trading software, but they end up downloading a Python file (Main.py), which downloads and executes Watcher.py, which is used for staging … More →

The post …

attack attackers blockchain bot community cryptocurrency cryptocurrency exchange discord don't miss download elastic engineering engineers exchange file hackers hot stuff impersonating macos macos malware malicious malware north north korea north korean north korean hackers novel platform social social engineering target techniques zip

More from www.helpnetsecurity.com / Help Net Security

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics … 34 minutes ago | www.helpnetsecurity.com

access anti-ransomware articles attackers +24

Snowflake denies breach, blames data theft on poorly secured customer accounts 12 hours ago | www.helpnetsecurity.com

accounts actor aware breach +26

Snowflake compromised? Attackers exploit stolen credentials 1 day, 13 hours ago | www.helpnetsecurity.com

accounts analytics attackers claims +26

25,000 individuals affected in BBC Pension Scheme data breach 1 day, 19 hours ago | www.helpnetsecurity.com

bbc breach current data +20

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 1 day, 21 hours ago | www.helpnetsecurity.com

0 day accounts april attackers +31

apexanalytix Cyber Risk provides instant alerts for supplier data breaches 1 day, 23 hours ago | www.helpnetsecurity.com

account alerts apexanalytix breaches +24

Lack of skills and budget slow zero-trust implementation 2 days, 4 hours ago | www.helpnetsecurity.com

amp breach budget cyber +24

Encrypted Notepad: Open-source text editor 2 days, 5 hours ago | www.helpnetsecurity.com

ads aes app connection +19

New infosec products of the week: May 31, 2024 2 days, 5 hours ago | www.helpnetsecurity.com

adaptive shield capabilities dashlane detectify +21

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com