North Korean Hackers Target Crypto Projects With MacOS Exploit

TheCryptoTimes发布于2025-07-03更新于2025-07-03

Cybersecurity researchers have uncovered a new malware campaign by North Korean state-backed hackers aimed at cryptocurrency companies. This marks an alarming shift toward targeting Apple’s memory protection on macOS systems.

The malware, which hides in what looks like a Zoom update, is designed to infect computers used by developers and project staff. Once active, it can collect passwords, wallet data and internal files, raising the risk for teams building in Web3 and decentralized finance.

SentinelOne published a detailed technical analysis of the threat on 2 July, naming the exploit NimDoor after the obscure Nim programming language it uses. Because Nim is rarely seen on macOS, its use may help the malware evade detection by standard antivirus tools.

In the report, SentinelOne said, “DPRK threat actors are utilizing Nim-compiled binaries and multiple attack chains in a campaign targeting Web3 and crypto-related businesses.” This approach builds on a 2023 operation the firm called Hidden Risk, where similar groups used PDF lures and a clever persistence trick involving macOS’s zshenv file.

Meanwhile, blockchain data firm Chainalysis reported that North Korea-linked attackers stole more than $1 billion worth of crypto last year. The hacks were spread across 20 separate incidents, with stolen funds suspected to support weapons and missile programmes.

Cybersecurity experts urge Web3 companies to strengthen security on Mac devices. This includes blocking suspicious Zoom or Meet scripts, monitoring unsigned files, and reviewing user-level settings for hidden malware. 

Also Read: South Korea’s Upbit Adds MOODENG with KRW, BTC, USDT Trading Pairs



你可能也喜欢

深究 Open USD 合伙人阵容:看谁入局,就能看清资金流向何方

《富布斯》文章分析,Open USD在推出时已汇聚超过150家合作伙伴,其阵容本身比稳定币技术更值得关注。创始伙伴包括Stripe、Coinbase、万事达卡、Visa和贝莱德等巨头,更广泛的名单涵盖纽约梅隆银行、Shopify、谷歌、IBM、Ripple、Aave等来自金融、科技、加密和商业各领域的关键企业。 文章指出,如此广泛的联盟绝非偶然。每个参与方都看到了稳定币成为未来金融基础设施的潜力,并希望抢占位置而非被排除在外。资产管理公司如贝莱德看中管理巨额储备的收益;商户如Shopify希望降低支付成本并从余额中获得收益;银行则出于防御心态,参与以保住存款和结算业务;科技公司如谷歌、IBM着眼于未来机器间可编程支付的需求;加密企业则借此寻求主流化路径。 值得注意的是,许多直接竞争对手(如Visa与万事达卡、Coinbase与Ripple)罕见地加入了同一联盟。这反映出它们共同的恐惧:被排除在稳定币体系之外的代价,已超过与对手合作的不适。卡网络虽然面临稳定币可能削弱其传统刷卡业务的威胁,但仍选择加入,旨在未来继续通过提供结算等服务留在资金流中。 这种由竞争对手构成的治理联盟也可能导致决策缓慢。然而,名单本身传递出清晰信号:稳定币正从单一公司的产品,转变为行业共享的基础设施。这对现有主要稳定币发行方如Circle和Tether构成了直接威胁,因为其潜在客户集体转向了共建的替代方案。缺席者(如Circle、Tether及美国大型零售银行)同样说明了市场格局的分化。最终,Open USD的成功与否尚待观察,但其合作伙伴名单已揭示了资金流向和行业战略重心的演变趋势。

Foresight News1小时前

深究 Open USD 合伙人阵容:看谁入局,就能看清资金流向何方

Foresight News1小时前

交易

现货
活动图片