North Korea targets crypto workers with new info-stealing malware — TradingView News
A North Korean-aligned threat actor has been targeting job seekers in the crypto industry with new malware that is designed to steal passwords for crypto wallets and password managers.
Cisco Talos reported on Wednesday that it found a new Python-based remote access trojan (RAT) it called “PylangGhost,” linking the malware to a North Korean-affiliated hacking collective called “Famous Chollima,” also known as “Wagemole.”
The hacking group has been targeting job seekers and employees with cryptocurrency and blockchain experience, primarily in India, with the attacks carried out through fake job interview campaigns using social engineering.
“Based on the advertised positions, it is clear that the Famous Chollima is broadly…
