North Korean hackers targeting crypto projects with unusual Mac exploit
The malware bypasses Apple’s memory protections and deploys an infostealer payload targeting crypto wallets.
North Korean hackers are using new strains of malware aimed at Apple devices as part of a cyberattack campaign targeting crypto companies.
According to a report from cybersecurity firm Sentinel Labs on Wednesday, the attackers impersonate someone trusted on messaging apps like Telegram, then request a fake Zoom meeting via a Google Meet link before sending what appears to be a Zoom update file to the victim.
Once the “update” is executed, the payload installs malware called “NimDoor” on Mac computers, which then targets crypto wallets and browser passwords.
