ChainCatcher news, reported by Decrypt, threat intelligence research company Cisco Talos reported on Wednesday that North Korean hackers deployed a new type of Python remote access Trojan named 'PylangGhost' targeting cryptocurrency professionals through fake interviews disguised as recruiters from companies like Coinbase and Uniswap. This malware is associated with the notorious North Korean hacker group 'Famous Chollima' (also known as 'Wagemole').
The malware can steal credentials from over 80 browser extensions, including Metamask and 1Password, and achieve persistent remote access. The attacks primarily target Windows systems and macOS users, while Linux systems have not been affected by the current wave of attacks.
