Cyber Trick or Treat: How North Korea’s Lazarus Group Sweetened their Hack Game with KANDYKORN Malware

Feeling sweet? The Lazarus Group’s KANDYKORN macOS Malware is a sour surprise! It’s the latest trick in their bag, targeting unsuspecting blockchain engineers with a Python app disguised as an arbitrage bot. This wolf in sheep’s clothing delivers a SUGARLOADER payload and a KANDYKORN trojan. Now that’s a bitter bite!

Hot Take:

Feeling sweet? North Korea's Lazarus Group sure does with their new KANDYKORN macOS malware! It's the latest addition to their trick-or-treat bag of nasty surprises. This time, the unsuspecting victims were crypto exchange's blockchain engineers. The hackers posed as fellow engineers on Discord, distributing a Python app disguised as an arbitrage bot, a classic wolf in sheep's clothing scenario. The result? A SUGARLOADER payload and a KANDYKORN trojan that could do everything from exfiltrating data to executing arbitrary commands. So much for the sweet treat!

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here