North Korean threat actors, known as Famous Chollima, are using fake crypto job sites to deploy malware and steal wallet credentials from blockchain professionals.
Cisco Talos discovered a new Python-based remote access trojan (RAT) called PylangGhost, linked to this hacking collective.
💬 Key Details
🔸Targeted Attack: The hackers primarily target individuals with experience in cryptocurrency and blockchain technologies, especially in India.
🔸Fake Job Sites: Fraudulent job sites impersonate legitimate companies like Coinbase, Robinhood, and Uniswap.
🔸Malware Capabilities: PylangGhost enables remote control of infected systems, theft of cookies and credentials, and stealing browser data from over 80 extensions, including MetaMask and 1Password.
🔹To protect yourself, verify the legitimacy of recruitment portals and avoid running unknown commands.
#BreakingCryptoNews #XSuperApp #BinanceSquareTalks #BinanceSquareFamily #IsraelIranConflict