North Korean hackers, believed to be associated with the Lazarus Group, are targeting macOS crypto engineers with a new malware called Kandykorn. The hackers impersonate members of the blockchain engineering community to trick victims into downloading malicious code. The malware, named Kandykorn, provides various capabilities for data access and exfiltration. The malware communicates with a command-and-control server and uses reflective binary loading, a memory-resident form of execution that bypasses traditional detection methods. Hashtags: #NorthKoreanHackers #LazarusGroup #Kandykorn #macOS #malware

https://www.infosecurity-magazine.com/news/north-korea-crypto-engineers/