The malware bypasses Apple’s memory protections and deploys an infostealer payload targeting crypto wallets.
North Korean hackers are using new strains of malware aimed at Apple devices as part of a cyberattack campaign targeting crypto companies.
According to a report from cybersecurity firm Sentinel Labs on Wednesday, the attackers impersonate someone trusted on messaging apps like Telegram, then request a fake Zoom meeting via a Google Meet link before sending what appears to be a Zoom update file to the victim.
Once the “update” is executed, the payload installs malware called “NimDoor” on Mac computers, which then targets crypto wallets and browser passwords.
