Deep Tide TechFlow News, July 3: According to a report released on Wednesday by cybersecurity company Sentinel Labs, North Korean hackers are using a new type of malware targeting Apple devices to attack cryptocurrency companies. The hackers impersonate trusted individuals on instant messaging apps like Telegram and send fake Zoom update files that actually install malware named 'NimDoor.'
The malware is written in the rare Nim programming language, is capable of bypassing Apple's memory protection mechanisms, and deploys information stealers that specifically target cryptocurrency wallets and browser passwords. Nim, which can run on Windows, Mac, and Linux without modification and is known for its fast compilation speed and for being difficult to detect, is becoming a new favorite among cybercriminals.
The malware also contains scripts that can steal Telegram's encrypted local database and the decryption keys, and it waits 10 minutes before activating to avoid security scans.