North Korea launches new information-stealing malware "PylangGhost" targeting cryptocurrency practitioners

ChainCatcher message, a North Korea-related cyber threat actor is using new malware to target job seekers in the cryptocurrency industry. This malware is designed to steal passwords from cryptocurrency wallets and password managers. Cisco Talos reported on Wednesday that it has discovered a Python-based remote access trojan (RAT) named "PylangGhost," linking this malware to a North Korean hacking group known as "Famous Chollima" (also referred to as "Wagemole").

This hacking group primarily targets job seekers and employees with cryptocurrency and blockchain experience, particularly in India, conducting attacks through social engineering tactics in the form of fake job interview activities.