A North Korean hacking group is targeting crypto workers with a Python-based malware disguised as part of a fake job application process, researchers at Cisco Talos said earlier this week.
Most victims appear to be based in India, according to open-source signals, and seem to be individuals with prior experience in blockchain and cryptocurrency startups.
STORY CONTINUES BELOW
While Cisco reports no evidence of internal compromise, the broader risk remains clear: That these efforts are trying to gain access to the companies these individuals might eventually join.
The malware, called PylangGhost, is a new variant of the previously documented GolangGhost remote access trojan (RAT), and shares most of the same features — just rewritten in Python to better target Windows systems.
Mac users
Join the conversation!
Please share your thoughts about this article below. We value your opinions, and would love to see you add to the discussion!