A hacking group tied to North Korea is running a new scam targeting people looking for crypto or blockchain jobs, according to Cisco Talos report on June 18.
The group, known as Famous Chollima (also referred to as Wagemole), has been using fake interviews to spread malware called “PylangGhost”.
This remote access trojan (RAT), built in Python, is based on an older malware strain called GolangGhost.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
Is Your Crypto Safe? (5 Best Crypto Security Practices Explained)
The campaign mainly targets job seekers in India with experience in cryptocurrency. Victims are contacted by fake recruiters posing as representatives of companies, such as Coinbase
$120.3M
, or Robinhood.
Hackers guide the targets through a fake hiring process, which starts with messages and links to job testing sites that appear genuine. After collecting basic information, they invite candidates to a video call that looks like a real interview.
During the call, they ask the victim to enable camera and microphone access and to run certain computer commands. They claim this is needed to install or update video drivers, but instead, it installs the PylangGhost malware.
Once the malware is active, it gives hackers remote access to the person’s computer. It can collect system information, take screenshots, move files, and stay connected to the machine.
Cisco Talos stated that the malware is used to steal login details from over 80 browser extensions, including MetaMask, Phantom, TronLink, 1Password, NordPass, Bitski, Initia, and MultiverseX. Many of these are used to manage cryptocurrency wallets.
Meanwhile, Mobile Threat Intelligence reported that Crocodilus, an Android malware, has become more dangerous due to recent updates. What can it do? Read the full story.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
