North Korean Hackers Unleash ‘Durian’ Malware, Targeting South Korean Crypto Firms

The post North Korean Hackers Unleash ‘Durian’ Malware, Targeting South Korean Crypto Firms appeared first on Coinpedia Fintech News

State-backed North Korean hacking group Kimsuky has launched attacks on at least two South Korean cryptocurrency firms using a new malware variant dubbed “Durian.” Cybersecurity firm Kaspersky’s threat report of May 9 says, the malware exploits legitimate security software that is exclusive to the South Korean crypto firms. “Durian” operates as an installer for multiple malware components. “Durian” operates as an installer for multiple malware components. These include a backdoor called “AppleSeed”, “LazyLoad” a custom proxy tool. In addition, a connection is observed between Kimsuky and Lazarus Group by Kaspersky. Notoriety is gained by the latter for laundering more than $200 million in crypto between 2020 and 2023.