North Korean Hackers Target Mac Crypto Wallets with New NimDoor Malware
A newly discovered malware strain named NimDoor is raising alarms across the crypto community — especially for users on macOS.
Researchers have traced the malware to North Korean state-backed hacking groups, which are now targeting cryptocurrency holders with a surprisingly sophisticated campaign.
The attackers use social engineering to send fake Zoom updates via platforms like Telegram and Google Meet, tricking users into installing what seems like a video conferencing update — but is actually a custom-built backdoor.
Written in the obscure Nim programming language, NimDoor is difficult for antivirus tools to detect.
Once installed, it quietly exfiltrates sensitive data like browser-stored passwords, Telegram session…