Lazarus targets blockchain engineers with new KandyKorn macOS Malware
Security Affairs
NOVEMBER 5, 2023
The attackers attempted to trick victims into downloading and decompress a ZIP archive (Cross-Platform Bridges.zip) containing the malicious Python code masqueraded by an arbitrage bot. log – SUGARLOADER Stage 3 (Loader)- Discord (fake) – HLOADER Stage 4 (Payload) – KANDYKORN Decompressing the archive, it reveals a Main.py
Let's personalize your content