朝鲜黑客利用 Kandykorn 恶意软件攻击加密工程师

2023-11-05 04:17

据 CryptoPotato 报道，Elastic Security Labs 最近发现了一起复杂的网络入侵事件，据信是与 Lazarus 组织有关的朝鲜黑客所为。该事件被追踪为 REF7001，涉及使用一种名为 Kandykorn 的新型 macOS 恶意软件，专门针对加密货币交易所平台的区块链工程师。该恶意软件是通过公共 Discord 服务器上的私人消息发布的，这在 macOS 入侵策略中并不常见。Kandykorn 恶意软件利用加密的 RC4 和独特的握手机制启动与命令控制（C2）服务器的通信。它耐心地等待命令，让黑客能够谨慎地保持对被入侵系统的控制。Elastic Security Labs 对 Kandykorn 的功能提供了有价值的见解，展示了它在执行文件上传和下载、进程操作以及执行任意系统命令方面的能力。该恶意软件还利用了反射式二进制加载技术，这是一种与臭名昭著的 Lazarus 集团有关的无文件执行技术。有确凿证据表明，该攻击与朝鲜的 Lazarus 集团有关，包括技术、网络基础设施、用于签署恶意软件的证书以及用于检测 Lazarus 集团活动的定制方法等方面的相似之处。链上交易揭示了 Atomic Wallet、Alphapo、CoinsPaid、Stake.com 和 CoinEx 的安全漏洞之间的联系，进一步证明了 Lazarus 集团参与了这些漏洞的利用。Elastic Security Labs 强调了采取强有力的网络安全措施防范此类威胁的重要性。

利好1

利空

朝鲜黑客利用 Kandykorn 恶意软件攻击加密工程师

更多新闻 kandykorn

热门资讯

Ledger and Pudgy Penguins Team Up to Drop Exclusive Custom Wallet and Cases After Teasing Collaboration on Social Media

ChatGPT’s Parent Company OpenAI Would Buy Chrome If Regulators Break Up Google

Binance's Changpeng Zhao Meets Malaysian PM to Discuss Blockchain Innovation Strategy

TRUMP Meme Coin Skyrockets After Exclusive Dinner Perk Announcement for Top 220 Holders—But Will the Buzz Last?

‘Millionaires Will Leave’: Trump Warns 40 % Top Tax Rate Would Drive Wealth Overseas

Russia to Roll Out National Crypto Exchange for Elite Investors with Substantial Financial Power—High-Rollers Only, No Small Fish Allowed

AI at the Wheel: BMW to Equip Cars with DeepSeek AI as Part of Strategic Expansion in Automotive Intelligence

Hackers Inflate Penny Stocks via Compromised Japanese Brokerage Accounts, Unauthorised Trades Surge 20-Fold in Two Months: Are Desktop Browsers the Weak Link?

AI and Fake ID Scheme Nets Scammers $4 Million Using Crypto Influencer's Identity

Malaysian Teen in Deepfake Porn Case Charged with Possession, Maintains Innocence on Creation

朝鲜黑客利用 Kandykorn 恶意软件攻击加密工程师

更多新闻 kandykorn

热门资讯

Ledger and Pudgy Penguins Team Up to Drop Exclusive Custom Wallet and Cases After Teasing Collaboration on Social Media

ChatGPT’s Parent Company OpenAI Would Buy Chrome If Regulators Break Up Google

Binance's Changpeng Zhao Meets Malaysian PM to Discuss Blockchain Innovation Strategy

TRUMP Meme Coin Skyrockets After Exclusive Dinner Perk Announcement for Top 220 Holders—But Will the Buzz Last?

‘Millionaires Will Leave’: Trump Warns 40 % Top Tax Rate Would Drive Wealth Overseas

Russia to Roll Out National Crypto Exchange for Elite Investors with Substantial Financial Power—High-Rollers Only, No Small Fish Allowed

AI at the Wheel: BMW to Equip Cars with DeepSeek AI as Part of Strategic Expansion in Automotive Intelligence

Hackers Inflate Penny Stocks via Compromised Japanese Brokerage Accounts, Unauthorised Trades Surge 20-Fold in Two Months: Are Desktop Browsers the Weak Link?

AI and Fake ID Scheme Nets Scammers $4 Million Using Crypto Influencer's Identity

Malaysian Teen in Deepfake Porn Case Charged with Possession, Maintains Innocence on Creation

‘Millionaires Will Leave’: Trump Warns 40 % Top Tax Rate Would Drive Wealth Overseas