The North Korean Lazarus Group has launched a new attack campaign, "Mach-O Man," targeting executives in the fintech and cryptocurrency sectors. According to CertiK, the group uses ClickFix social engineering tactics, tricking victims into executing malicious commands on their Mac terminals through fake online meeting invitations. This allows the attackers to infiltrate corporate and financial systems.
Over the past two weeks, the Lazarus Group has reportedly stolen over $500 million from platforms such as Drift and KelpDAO. The "Mach-O Man" campaign employs a modular macOS malware toolkit developed by Chollima, a subgroup of Lazarus, which is designed to self-delete after execution to avoid detection. The attackers have also hijacked DeFi project domains, replacing them with counterfeit Cloudflare messages to further their campaign.
Lazarus Group Targets Crypto Firms with macOS Malware
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct your own research and consult with a qualified financial advisor before making any investment decisions.
